Hi all, I have a Apache2 + mod_ssl + havp + squid as a transparent HTTPS-Proxy with virus scanner deployed. Since mod_ssl has only the ability to host only one SSL hostname based certificate per IP I'm looking for a solution to host multiply hostnames with dynamically generated certificates based and certificated on a trusted proxy ca on the fly. This seam as a man-in-the-middle attack from a bad guy, but this will be practical deployed in a trusted company net, which should be protected against HTTPS-virus deployment. Has anybody seen a similar solution or knows how to patch mod_ssl or maybe a mod_ssl fork which realise such an issue ? Astaro firewall has such a commercial solution based on closed source. Regards Dirk -- GMX FreeDSL Komplettanschluss mit DSL 6.000 Flatrate und Telefonanschluss für nur 17,95 Euro/mtl.!* http://portal.gmx.net/de/go/dsl02 --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|