Re: (internal app) --http-->apache---https--->(external app)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi Eric, 
I tried the hint - SSLProxyEngine On. The https connection works with websites/applications that don't require a certificate. 
For websites/applications that require a certificate, it fails. Please verify if the below config makes sense?
I included the following SSL directives in the virtualhost port. 
<VirtualHost my_ipaddr:44444>
    ---  
SSLProxyEngine On
SSLEngine On SSLCertificateFile /etc/httpd/ssl/servercerts/server.CRT SSLCertificateKeyFile /etc/httpd/ssl/servercerts/server.KEY SSLProxyMachineCertificateFile /etc/httpd/ssl/clientcerts/client-cert.p12 
    --
</VirtualHost>
------------------------------
[Mon Aug 24 10:31:11 2009] [debug] ssl_engine_kernel.c(1765): OpenSSL: Read: SSLv3 read finished A
[Mon Aug 24 10:31:11 2009] [debug] ssl_engine_kernel.c(1784): OpenSSL: Exit: failed in SSLv3 read finished A
[Mon Aug 24 10:31:11 2009] [info] [client ip_addr1] SSL library error 1 reading data
[Mon Aug 24 10:31:11 2009] [info] SSL Library Error: 336151568 error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure
[Mon Aug 24 10:31:11 2009] [info] SSL Library Error: 336150757 error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure
[Mon Aug 24 10:31:11 2009] [error] [client ip_addr2] (20014)Internal error: proxy: error reading status line from remote server webapplication_server 
[Mon Aug 24 10:31:11 2009] [debug] mod_proxy_http.c(1466): [client 199.130.193.102] proxy: NOT Closing connection to client although reading from backend server webapplication_server failed.
-----------------------------


--- On Sun, 8/23/09, Eric Covener <covener@xxxxxxxxx> wrote:

> From: Eric Covener <covener@xxxxxxxxx>
> Subject: Re:  (internal app) --http-->apache---https--->(external  app)
> To: users@xxxxxxxxxxxxxxxx
> Date: Sunday, August 23, 2009, 9:17 PM
> > [Sun Aug 23 12:24:39 2009]
> [error] [client 73.155.40.73] SSL Proxy requested for
> my_proxyserver:80 but not enabled [Hint: SSLProxyEngine]
> 
> Tried the hint?
> 
> -- 
> Eric Covener
> covener@xxxxxxxxx
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP
> Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more
> info.
> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
>    "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
> 
> 


      

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux