source: mod_gnutls/test/tests/20_TLS_reverse_proxy_client_auth/apache.conf @ 49d25a9

debian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
Last change on this file since 49d25a9 was ed82a6a, checked in by Thomas Klute <thomas2.klute@…>, 5 years ago

Two more test cases for TLS reverse proxy and test locking fix

New test cases:

20: TLS reverse proxy with TLS client authentication between proxy and back end

server, otherwise the same as test case 19.

21: TLS reverse proxy scenario with the back end server presenting an imposter

certificate. The proxy must abort the connection and send an error message to
the client.

Bugfix: Each proxy test case used a lock file in its own test directory to protect
the back end server instance. Obviously, locking is only useful if the lock file
is shared between all potentially conflicting instances, thus it is moved to the
main test suite directory.

  • Property mode set to 100644
File size: 708 bytes
Line 
1Include ${PWD}/../../base_apache.conf
2
3GnuTLSCache dbm cache/gnutls_cache
4
5LoadModule proxy_module /usr/lib/apache2/modules/mod_proxy.so
6LoadModule proxy_http_module /usr/lib/apache2/modules/mod_proxy_http.so
7
8<VirtualHost ${TEST_IP}:${TEST_PORT}>
9 ServerName ${TEST_HOST}
10 GnuTLSEnable On
11 GnuTLSCertificateFile server/x509.pem
12 GnuTLSKeyFile server/secret.key
13 GnuTLSPriorities NORMAL
14
15 SSLProxyEngine On
16 GnuTLSProxyKeyFile ${PWD}/../../client/secret.key
17 GnuTLSProxyCertificateFile ${PWD}/../../client/x509.pem
18 GnuTLSProxyCAFile ${PWD}/../../authority/x509.pem
19 ProxyPass /proxy/ https://${BACKEND_HOST}:${BACKEND_PORT}/
20 ProxyPassReverse /proxy/ https://${BACKEND_HOST}:${BACKEND_PORT}/
21</VirtualHost>
Note: See TracBrowser for help on using the repository browser.