source: mod_gnutls/test/tests/20_TLS_reverse_proxy_client_auth/backend.conf @ e24eed6

debian/masterdebian/stretch-backportsjessie-backportsupstream
Last change on this file since e24eed6 was ed82a6a, checked in by Thomas Klute <thomas2.klute@…>, 5 years ago

Two more test cases for TLS reverse proxy and test locking fix

New test cases:

20: TLS reverse proxy with TLS client authentication between proxy and back end

server, otherwise the same as test case 19.

21: TLS reverse proxy scenario with the back end server presenting an imposter

certificate. The proxy must abort the connection and send an error message to
the client.

Bugfix: Each proxy test case used a lock file in its own test directory to protect
the back end server instance. Obviously, locking is only useful if the lock file
is shared between all potentially conflicting instances, thus it is moved to the
main test suite directory.

  • Property mode set to 100644
File size: 465 bytes
Line 
1Include ${PWD}/../../base_apache.conf
2
3CustomLog logs/${TEST_NAME}.backend.access.log combined
4ErrorLog logs/${TEST_NAME}.backend.error.log
5PidFile backend.pid
6
7GnuTLSCache dbm cache/gnutls_cache
8
9<VirtualHost ${BACKEND_IP}:${BACKEND_PORT}>
10 ServerName ${BACKEND_HOST}
11 GnuTLSEnable On
12 GnuTLSCertificateFile server/x509.pem
13 GnuTLSKeyFile server/secret.key
14 GnuTLSPriorities NORMAL
15 GnuTLSClientCAFile authority/x509.pem
16 GnuTLSClientVerify require
17</VirtualHost>
Note: See TracBrowser for help on using the repository browser.