#here we can test http <-> https #these are not on by default in the 1.x based mod_ssl SSLProxyEngine On SSLProxyProtocol All SSLProxyCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL SSLProxyMachineCertificateFile @SSLCA@/asf/proxy/client_ok.pem #SSLProxyMachineCertificatePath @SSLCA@/asf/proxy SSLProxyCACertificateFile @SSLCA@/asf/certs/ca.crt SSLProxyCACertificatePath @ServerRoot@/conf/ssl SSLProxyCARevocationFile @SSLCA@/asf/crl/ca-bundle.crl = 2.3.15> SSLProxyCARevocationCheck chain SSLProxyVerify on SSLProxyVerifyDepth 10 ProxyPass / https://@proxyssl_url@/ ProxyPassReverse / https://@proxyssl_url@/ #here we can test https <-> https SSLEngine on #these are not on by default in the 1.x based mod_ssl SSLProxyEngine On # ensure that client_ok.pem is picked first: SSLProxyMachineCertificateFile @SSLCA@/asf/proxy/client_ok.pem SSLProxyMachineCertificatePath @SSLCA@/asf/proxy SSLProxyCACertificateFile @SSLCA@/asf/certs/ca.crt SSLProxyVerify on SSLProxyCARevocationPath @SSLCA@/asf/crl = 2.3.15> SSLProxyCARevocationCheck chain ProxyPass / https://@proxyssl_url@/ ProxyPassReverse / https://@proxyssl_url@/ #here we can test http <-> https using SSLProxyMachine* inside #these are not on by default in the 1.x based mod_ssl SSLProxyEngine On SSLProxyProtocol All SSLProxyCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL SSLProxyCACertificateFile @SSLCA@/asf/certs/ca.crt SSLProxyCACertificatePath @ServerRoot@/conf/ssl SSLProxyCARevocationFile @SSLCA@/asf/crl/ca-bundle.crl = 2.3.15> SSLProxyCARevocationCheck chain SSLProxyVerify on SSLProxyVerifyDepth 10 ProxyPass / https://@proxyssl_url@/ ProxyPassReverse / https://@proxyssl_url@/ SSLProxyMachineCertificateFile @SSLCA@/asf/proxy/client_ok.pem #SSLProxyMachineCertificatePath @SSLCA@/asf/proxy #here we can test https <-> https using SSLProxyMachine* inside SSLEngine on #these are not on by default in the 1.x based mod_ssl SSLProxyEngine On SSLProxyCACertificateFile @SSLCA@/asf/certs/ca.crt SSLProxyVerify on SSLProxyCARevocationPath @SSLCA@/asf/crl = 2.3.15> SSLProxyCARevocationCheck chain ProxyPass / https://@proxyssl_url@/ ProxyPassReverse / https://@proxyssl_url@/ # ensure that client_ok.pem is picked first: SSLProxyMachineCertificateFile @SSLCA@/asf/proxy/client_ok.pem SSLProxyMachineCertificatePath @SSLCA@/asf/proxy #here we can test https <-> http SSLEngine on ProxyPass / http://@servername@:@port@/ ProxyPassReverse / http://@servername@:@port@/