source: mod_gnutls/test/tests/20_TLS_reverse_proxy_client_auth/apache.conf @ 8b472af

debian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
Last change on this file since 8b472af was 8b472af, checked in by Thomas Klute <thomas2.klute@…>, 5 years ago

Use server root for file paths in TLS proxy config

This is what users should be able to expect. Changing the return type of
load_proxy_x509_credentials to apr_status_t is not really a change: It
used APR status values before, but now the type is declared as such.
Absence of client credentials for the proxy is not necessarily a problem
(the back end server(s) may not require any), so the log level should be
lower than "warning".

  • Property mode set to 100644
File size: 671 bytes
RevLine 
[ed82a6a]1Include ${PWD}/../../base_apache.conf
2
3GnuTLSCache dbm cache/gnutls_cache
4
5LoadModule proxy_module /usr/lib/apache2/modules/mod_proxy.so
6LoadModule proxy_http_module /usr/lib/apache2/modules/mod_proxy_http.so
7
8<VirtualHost ${TEST_IP}:${TEST_PORT}>
9 ServerName ${TEST_HOST}
10 GnuTLSEnable On
11 GnuTLSCertificateFile server/x509.pem
12 GnuTLSKeyFile server/secret.key
13 GnuTLSPriorities NORMAL
14
15 SSLProxyEngine On
[8b472af]16 GnuTLSProxyKeyFile             client/secret.key
17 GnuTLSProxyCertificateFile     client/x509.pem
18 GnuTLSProxyCAFile              authority/x509.pem
[ed82a6a]19 ProxyPass /proxy/ https://${BACKEND_HOST}:${BACKEND_PORT}/
20 ProxyPassReverse /proxy/ https://${BACKEND_HOST}:${BACKEND_PORT}/
21</VirtualHost>
Note: See TracBrowser for help on using the repository browser.