You are viewing a plain text version of this content. The canonical link for it is here.
Posted to modperl@perl.apache.org by "Christopher L. Everett" <ce...@cobalt.physemp.com> on 2001/06/29 01:09:28 UTC
SSL and thin/fat server setups.
Hello all,
I've been running apache+mod_perl servers with apache+mod_ssl
front-ends, and been quite happy with this type of setup for
quite some time.
Now I need to use SSL certificates for authenticating users
of an online database. It seems like there's no way to get
the SSL information that the front-end sees to the back-end
server because the SSL protocol underlies the HTTP protocol
(outside of writing a custom apache module, and passing back
the cert info in headers) and there's no such thing as an SSL
proxy module that I've been able to find.
Right now, I'm considering setting up a very lightweight
apache+mod_perl+ssl+mod_proxy frontend with just a single
perl auth/authz handler installed, and have that decrypt,
authenticate, authorize, and proxy all SSL requests back
to the fat server. Then I revert the apache+mod_ssl front
end to a vanilla apache server and have it handle all
plain HTTP requests.
Before I do this, I'd just like to know if anyone has any
other ideas on how to do this.
--Christopher