Yahoo Gmail Google Facebook Delicious Twitter Reddit Stumpleupon Myspace Digg

Search queries

nisc wwwxxx, wwwxxx0cm, should producers of software-based services, such as atms, be held liable for economic injuries suffered when their systems fail?, wwwxxx0cm,, Event 9 IIS log failed to write entry, wwwxxx jeffs, Catastrophic failure Unexpected method call sequence. 0x8000ffff (-2147418113)., ksh lock a file, [unixODBC][Driver Manager]Driver's SQLAllocHandle on SQL_HANDLE_DBC failed



#1: How clients certificates are choosen ?

Posted on 2009-06-12 22:41:28 by Nicolas Cros

Hello !

I want to setup a proxy, allowing my internal hosts to connect on
external https servers (which forces client authentication by using a

Excerpt of my .conf :

#ProxyPass /proxy/TEST/
#ProxyPassReverse /proxy/TEST/

SSLEngine on
SSLProxyEngine on
SSLProxyMachineCertificateFile /etc/httpd/conf/ssl/SSLproxy.pem
SSLCertificateFile /etc/httpd/conf/ssl/my.cer
SSLCertificateKeyFile /etc/httpd/conf/ssl/my.key
SSLCACertificateFile /etc/httpd/conf/ssl/ca-bundle.crt

I try to connect on 2 servers with similar configuration (same CA
used, both requiring client auth, ... ):

One connection is successfull, as i can saw in my debug httpd log file :

[debug] ssl_engine_kernel.c(1499): Proxy client certificate callback:
(myproxy:443) found acceptable cert, sending /C=XX/ST=CITY/L=Port/

The other one not :

[debug] ssl_engine_kernel.c(1571): Proxy client certificate callback:
(myproxy:443) no client certificate found!?

I wonder myself how clients certificates are choosen ?
Any thoughts ?

Thanks in advance

Nicolas Cros
Connaissez vous la maison du cordonnier ?
Elle se trouve ici :

____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl)
User Support Mailing List
Automated List Manager

Report this message