Hi! Pls help with the following scenario:
http Server -> Apache proxy -> A) HTTPS Service with self signed certificate A_C
-> B) HTTPS Service with certificate B_C signed by thawte T_CA
I am sending http requests to the Apache proxy. On Apache proxy, I have a virtual host with
...
ProxyRequests Off
ProxyPreserveHost On
ProxyVia On
ProxyTimeout 2
SSLEngine off
SSLProxyEngine on
SSLProxyVerifyDepth 2
SSLProxyVerify require
SSLProxyMachineCertificateFile /usr/local/apache2/conf/ssl/???.pem
<Location ...
ProxyPass https://....
...
On servers A und B, there is no client key authentication, so just simple https.
My questions:
- What do I have to put in ???.pem for the SSLProxyMachineCertificateFile. If - how do I have to use openssl to generate client keys?
- Does I have to put the A_C and B_C from servers A und B somewhere in order to pass SSLProxyVerify require? Do I have to insert that T_CA certificate additionally, or the whole chain?
- Am I missing some other definitions?
Thx a lot
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|