It's just an old set up that we don't want to change but what we want to do
is add client certification on the backend server as the certificates sit
on the backend server and not on the proxy.
On Jul 1, 2015 7:54 AM, "Marat Khalili" wrote:
> Obviously, SSL protects traffic from any tampering by
Obviously, SSL protects traffic from any tampering by proxy. However,
proxy can pass traffic through as-is when asked with CONNECT method; it
might solve your problem depending on what this problem is (why do you
need proxy in the first place?).
--
With Best Regards,
Marat Khalili
On 01/07/
Yes, the above link provides a directive to authenticate proxy which is not
what I am looking for.
I actually thought that I could use connect protol to create a tunnel from
client through proxy to the backend server.
What do you think about that?
On Wed, Jul 1, 2015 at 5:05 AM, Daniel wrote:
>
You can make your proxy identify with a specific key-cert combination with:
SSLProxyMachineCertificateFile
http://httpd.apache.org/docs/2.4/mod/mod_ssl.html#sslproxymachinecertificatefile
But "passthrough" as you say, that's not how proxy works AFAIK.
2015-06-30 23:57 GMT+02:00 pankit thapar :
>
Hi,
I wanted to know if there is a way to pass on the client cert as it is to a
backend server through an apache proxy without using the SSL headers.
Scenario:
Client---https--->Proxy(:443)---https--->BackEnd(:PORT)
The above figure is what I want to set up.
So, basically I want apache proxy to
