ok, so I've gotten past all my apache/siteminder problems and now siteminder and apache are playing together nicely. I have a new problem where when I try to access one of my sites it errors out in the section that uses LDAP. Now I might be wrong about thinking it is ldap issues, but I'll see how much information people can give me. When I compiled apache I didn't not add in mod_ldap. I had thought using perl's NET::LDAP would allow it to work. Do I need to use mod_ldap for ldap stuff in my code to work? I ripped out apache and tried to recompile it with mod_ldap using "--with-ldap" like it says on the page for mod_ldap, but ended up getting an error saying something about srclib/apr-util and not being able to find an LDAP library. Is there something special I have to do with apr-util? It is in the apache srclib directory and there were files dealing with ldap in there. The configure I did looked like this: ./configure --prefix=/opt/web/apache2 \ --with-mpm=prefork \ --with-ldap \ --enable-so I looked on the web for information about apr-util and ldap, but didn't find anything too useful. -Lindsey -----Original Message----- From: Ellison , John P [mailto:jp@xxxxxxxxxx] Sent: Tuesday, July 11, 2006 2:14 PM To: users@xxxxxxxxxxxxxxxx Subject: [users@httpd] RE: proxy SSL question > > Ellison , John P wrote: > > Hi. I was wondering if I can setup a reverse proxy using Apache and > > somehow have the origin server require a "client" certificate from the > > proxy server? I've been reading the docs about the directives, and it > > looks like the SSLProxyVerify directive will require the proxy to obtain > > a valid certificate from the origin. I need to have the origin verify > > the identity of the proxy server as well. > > Looks like you need SSLProxyMachineCertificateFile. It's the certificate > store that a reverse proxy will use to authenticate itself to remote > servers requiring client certificates. > > Joost Thanks. I completely missed that. JP --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|