www-modproxy-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From m...@fnmt.es
Subject Proxying client certificate
Date Fri, 04 Oct 2002 06:46:54 GMT



Hello all,

I'm trying to do the following and I don't success:

I want to authenticate users against a Apache 2.0.40 proxy using SSL with client
certificate authentication. Beyond the proxy, there is a Web server in
militarized zone and I want to forward the X.509v3 user certificate to this Web
server, in order to perform access control.

I have tried to configure the proxy with SSL and client authentication using
certs and the Web server with SSL (without authentication) and, of course, this
doesn't work since two different SSL contexts are established: Browser->Proxy
and  Proxy->SSL, so the information about the SSL channel in the Web server has
nothing to do with the browser -> the server doesn't receive the user
certificate.

I have also tried to configure the proxy with SSL and client authentication with
certs and the Web server without SSL. This works but, obviously, the information
about the SSL channel established between the browser and the proxy is not
forwarded to the Web server.

I've set "SSLOptions" to  "+StdEnvVars +CompatEnvVars +ExportCertData"  in the
proxy and I wonder if it is possible to forward the environment variables from
the proxy to the Web server.

Can any of you give me any ideas?

Thanks in advance,

Miguel Ángel Peña.





Mime
View raw message