Client SSL Proxy Configuration
This is a discussion on Client SSL Proxy Configuration within the Modssl Users forums, part of the Web Server and Related Forums category; > This message is in MIME format. Since your mail reader does not understand this format, some or all of ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
04-23-2009
|
|||
|
|||
Client SSL Proxy Configuration
> This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible. --B_3323348685_2903263 Content-type: text/plain; charset="ISO-8859-1" Content-transfer-encoding: quoted-printable Hello, >=20 > I consume web services from an outside-of-my-firewall SSL server that req= uires > clients to be SSL-authenticated (clients must pre-register). My applicat= ion > server resides inside of my firewall. I would like to access the > aforementioned web services through a proxy in order to not expose my int= ernal > server hostname to the outside world. I have tried to setup my SSL conne= ction > (e.g., using my client certificate, trusting the web service provider) fr= om > within my internal application server w/ the client certificate generated= for > the proxy (as opposed to the hidden application) server but the SSL serve= r > would not fall for it. >=20 > Assuming that my initial approach is not possible, I would like to use an > apache http server as my proxy-server/SSL-client. My goal is to keep thi= s > apache server thin (i.e., only configuration, no extra java code). Is th= ere a > way to configure mod_proxy and (specially) mod_ssl to do this very thing? >=20 > Here=B9s my proxy.conf template: >=20 > ProxyRequests On > <Proxy *> > Order deny,allow > Deny from all > Allow from internal_ip_address > </Proxy> >=20 > Cheers, >=20 > John. --B_3323348685_2903263 Content-type: text/html; charset="ISO-8859-1" Content-transfer-encoding: quoted-printable <HTML> <HEAD> <TITLE>Client SSL Proxy Configuration</TITLE> </HEAD> <BODY> <FONT FACE=3D"Calibri, Verdana, Helvetica, Arial"><SPAN STYLE=3D'font-size:11pt= '>Hello,<BR> </SPAN></FONT><BLOCKQUOTE><FONT FACE=3D"Calibri, Verdana, Helvetica, Arial"><= SPAN STYLE=3D'font-size:11pt'><BR> I consume web services from an outside-of-my-firewall SSL server that requi= res clients to be SSL-authenticated (clients must pre-register). My ap= plication server resides inside of my firewall. I would like to access= the aforementioned web services through a proxy in order to not expose my i= nternal server hostname to the outside world. I have tried to setup my= SSL connection (e.g., using my client certificate, trusting the web service= provider) from within my internal application server w/ the client certific= ate generated for the proxy (as opposed to the hidden application) server bu= t the SSL server would not fall for it. <BR> <BR> Assuming that my initial approach is not possible, I would like to use an a= pache http server as my proxy-server/SSL-client. My goal is to keep th= is apache server thin (i.e., only configuration, no extra java code). = Is there a way to configure mod_proxy and (specially) mod_ssl to do this ver= y thing?<BR> <BR> Here’s my proxy.conf template:<BR> <BR> ProxyRequests On<BR> <Proxy *><BR> Order deny,allow<BR> Deny from all<BR> Allow from <I>internal_ip_address<BR> </I></Proxy><BR> <BR> Cheers,<BR> <BR> John.<BR> </SPAN></FONT></BLOCKQUOTE> </BODY> </HTML> --B_3323348685_2903263-- __________________________________________________ ____________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager majordomo@modssl.org 
|
Linear Mode
