asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
|
Last change
on this file since 49d25a9 was
907ae8f,
checked in by Thomas Klute <thomas2.klute@…>, 6 years ago
|
|
New test case: Proxy server detects revoked back end cert using CRL
The test case generates a CRL revoking the server certificate. Using
it as GnuTLSProxyCRLFile should cause the connection to the back end
server to fail.
|
-
Property mode set to
100644
|
|
File size:
635 bytes
|
| Line | |
|---|
| 1 | Include ${PWD}/../../base_apache.conf |
|---|
| 2 | |
|---|
| 3 | GnuTLSCache dbm cache/gnutls_cache |
|---|
| 4 | |
|---|
| 5 | LoadModule proxy_module /usr/lib/apache2/modules/mod_proxy.so |
|---|
| 6 | LoadModule proxy_http_module /usr/lib/apache2/modules/mod_proxy_http.so |
|---|
| 7 | |
|---|
| 8 | <VirtualHost ${TEST_IP}:${TEST_PORT}> |
|---|
| 9 | ServerName ${TEST_HOST} |
|---|
| 10 | GnuTLSEnable On |
|---|
| 11 | GnuTLSCertificateFile server/x509.pem |
|---|
| 12 | GnuTLSKeyFile server/secret.key |
|---|
| 13 | GnuTLSPriorities NORMAL |
|---|
| 14 | |
|---|
| 15 | SSLProxyEngine On |
|---|
| 16 | GnuTLSProxyCAFile ${PWD}/../../authority/x509.pem |
|---|
| 17 | GnuTLSProxyCRLFile ${PWD}/crl.pem |
|---|
| 18 | ProxyPass /proxy/ https://${BACKEND_HOST}:${BACKEND_PORT}/ |
|---|
| 19 | ProxyPassReverse /proxy/ https://${BACKEND_HOST}:${BACKEND_PORT}/ |
|---|
| 20 | </VirtualHost> |
|---|
Note: See
TracBrowser
for help on using the repository browser.
