[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [users@httpd] Reverse proxy not sending certificate


Good advice. Thanks! However, I just retested with 2.4.35 and I get the exact same results as with 2.4.34. Any other ideas? I’d welcome a workaround too.




From: William A Rowe Jr [mailto:wrowe@xxxxxxxxxxxxx]
Sent: Friday, October 12, 2018 6:26 PM
To: users@xxxxxxxxxxxxxxxx
Subject: Re: [users@httpd] Reverse proxy not sending certificate


A number of regressions are fixed in 2.4.35, please retest against that version.



On Fri, Oct 12, 2018, 15:27 Schettler, Marty L. <Martin.L.Schettler@xxxxxxxxxx> wrote:

My reverse proxy config doesn’t work with SSL any more as I try to upgrade from 2.4.29 to 2.4.34.


My config:


SSLProxyEngine On

SSLProxyMachineCertificateFile /path/to/server_crt_and_key.crt

SSLProxyCACertificatePath /etc/cacerts


<Location /proxy>

  ProxyPass https://host01:9443/p

  ProxyPassReverse https://host01:9443/p

  SSLVerifyClient require




Again, this works just fine with 2.4.29. However, in 2.4.34 I get a 502 in my browser “Error reading from remote server” and my httpd log file has a warning “AH02268: Proxy client callback: (host01:443) downstream server wanted client certificate but none are configured.” Is this possible related to PR 62232? If so, I thought it would have been fixed in 2.4.32.


Any help is greatly appreciated!!