[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[users@httpd] Apache as a Mutual SSL enabled Forward Proxy

Hi all,

Im trying to configure Apache http server as a forward proxy with mutual ssl enabled. Following is the setup,

[HTTP client] ----------> [Apache Http Server]----------->[Web Server]

I need to enable Mutual SSL between  Apache Http Server, Web Server. Following is the proxy I have configured. It works fine when connecting other internet web servers.

Listen 3128
<VirtualHost *:3128>
  ProxyRequests On
  SSLProxyEngine On
  SSLVerifyClient require
  SSLVerifyDepth  10
  SSLProxyMachineCertificateFile D:\sys-projects\aaa\Apache24\Apache24\security\key-client.pem
  SSLProxyCACertificateFile D:\sys-projects\aaa\Apache24\Apache24\security\server.pem

I have tested connecting client directly to the Web server bypassing Apache Forward proxy and it works fine. But when it tries to connect through Apache server I'm getting following error on clients end,

java.io.IOException: Unable to tunnel through proxy. Proxy returns "HTTP/1.1 403 Proxy Error"

Even if I just enable one way SSL, the behavior is the same. Am I not importing the Server cert correctly into Apache? Or is there other configuration issue in my setup.

Please help me on this.

Eranda Rajapakshe
Computer Science and Engineering Undergraduate,
University of Moratuwa.