On Tue, Mar 18, 2008 at 1:38 PM, James Ellis <ellisje22@xxxxxxxxxxx> wrote: > > I am trying to get a reverse proxy working for the following architecture: > > Browser --> HTTPS --> ServerA --> HTTPS --> Server B > > I can get a half-a$$ solution working like this: > > <VirtualHost _default_:443> > SSLProxyEngine on > SSLEngine on > SSLCertificateFile "C:/Program Files/Apache Software > Foundation/Apache2.2/conf/server.crt" > SSLCertificateKeyFile "C:/Program Files/Apache Software > Foundation/Apache2.2/conf/server.key" > ProxyPass /clustertest https://XXX.XXX.X.XXX:444/clustertest > </VirtualHost> > > ...but this isn't exactly how I want it. It's taking the certificate from > ServerA and encrypting request, but then creating a new SSL session to talk > to ServerB. > > I would like to be able to take the certificate from ServerB, encrypt the > request and have ServerA just "pass on" the whole encrypted request to > ServerB. > > Is this possible? What you want can't work because the path information is inside the encrypted request and that will only be available to ServerA if it decrypts the request. You can do simple port-forwarding (not HTTP proxying) to pass along the encrypted stream, but then you have to do it for the whole server, not just the /clustertest path. Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|