Il giorno dom, 01/02/2009 alle 20.28 +1300, Amos Jeffries ha scritto: > Mailing List SVR wrote: > > Hi all, > > > > I have a soap client using python ZSI, the other end is oracle soa > > 10.1.3.1.0 all works fine since some months. The last week oracle soa > > was configured to accept client certificate authentication over https. > > If I try to use the standard python httplib.HTTPSConnection library it > > fails with the infamous "bad record mac" error and so also ZSI that use > > httplib. Other java tools such as soapui works just fine with oracle > > soa. > > > > Can squid do the hard work for me in the following configuration? > > > > ZSI soap client -> squid proxy over http -> oracle soa https > > > > however squid could be authenticate to oracle soa loading the cert file > > and the cert key from a local file. > > > > So I would like to send my soap request to squid over http and squid > > could connect to oracle soa over https presenting its own client > > certificate (not send from my application but load from local file). > > > > Is this configuration possible? > > > > thanks > > Nicola > > > > > > Yes Squid can certainly act as a HTTP->HTTPS proxy for you. > Just configure a normal cache_peer pointing at oracle to using SSL, > http://www.squid-cache.org/Doc/config/cache_peer/ > and configure ZSI to connect to the Squid HTTP port without SSL. thanks but squid need to present a client certificate to authenticate against oracle, cache peer seems lack directive to specify certificate, Nicola > > Amos
