httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andrea Palmieri" <palmi...@eng.it>
Subject [users@httpd] SSL reverse proxy question
Date Fri, 22 Apr 2005 09:15:46 GMT
I'am using Apache as a reverse proxy to hide several backend servers which host several application

https://myapache/name1/application_a -> http://ipserver1/application_a
https://myapache/name1/application_b -> http://ipserver1/application_b
https://myapache/name2/application_c -> http://ipserver2/application_c


I'am using SSL client authentication with x509 certificates to authenticate users.

I was wondering if I can use different CA certificate files (one for each back-end server)
to authenticate users' client certificates. 
example 
users accessing application_a are authenticated using CertCA1
users accessing application_b are authenticated using CertCA1
users accessing application_c are authenticated using CertCA2

The  SSLCACertificateFile directive is used to set CA certificate files, but it can't be used
within a <Location> context !

Any suggestion or idea is really appreciated
Andrea  




Mime
View raw message