asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
|
Last change
on this file since 8b472af was
8b472af,
checked in by Thomas Klute <thomas2.klute@…>, 7 years ago
|
|
Use server root for file paths in TLS proxy config
This is what users should be able to expect. Changing the return type of
load_proxy_x509_credentials to apr_status_t is not really a change: It
used APR status values before, but now the type is declared as such.
Absence of client credentials for the proxy is not necessarily a problem
(the back end server(s) may not require any), so the log level should be
lower than "warning".
|
-
Property mode set to
100644
|
|
File size:
587 bytes
|
| Line | |
|---|
| 1 | Include ${PWD}/../../base_apache.conf |
|---|
| 2 | |
|---|
| 3 | GnuTLSCache dbm cache/gnutls_cache |
|---|
| 4 | |
|---|
| 5 | LoadModule proxy_module /usr/lib/apache2/modules/mod_proxy.so |
|---|
| 6 | LoadModule proxy_http_module /usr/lib/apache2/modules/mod_proxy_http.so |
|---|
| 7 | |
|---|
| 8 | <VirtualHost ${TEST_IP}:${TEST_PORT}> |
|---|
| 9 | ServerName ${TEST_HOST} |
|---|
| 10 | GnuTLSEnable On |
|---|
| 11 | GnuTLSCertificateFile server/x509.pem |
|---|
| 12 | GnuTLSKeyFile server/secret.key |
|---|
| 13 | GnuTLSPriorities NORMAL |
|---|
| 14 | |
|---|
| 15 | SSLProxyEngine On |
|---|
| 16 | GnuTLSProxyCAFile authority/x509.pem |
|---|
| 17 | ProxyPass /proxy/ https://${BACKEND_HOST}:${BACKEND_PORT}/ |
|---|
| 18 | ProxyPassReverse /proxy/ https://${BACKEND_HOST}:${BACKEND_PORT}/ |
|---|
| 19 | </VirtualHost> |
|---|
Note: See
TracBrowser
for help on using the repository browser.
