Link to home
Start Free TrialLog in
Avatar of ThatNewGuy
ThatNewGuyFlag for United States of America

asked on

Apache reverse proxy to Domino (CAC Authentication)

I am very new to both Apache and Domino.  I have been tasked with using an Apache front end to pass SSL traffic to our back end domino server for CAC authentication for our users.  I have been able to successfully proxy a client through to Domino, however the request does not maintain the CAC header information.

So effectively what I am trying to do is:

client -------> Apache -------->Domino  (443 all the way through)

I realize that when doing this it acts as 2 separate SSL transactions and to deal with that I am trying to use mod_header in apache to pass the CAC information.  When doing this I keep receiving this error:

"Proxy client certificate callback downstream server wanted client certificate but none are configured"

I have tried some of the other solutions on these forums but still nothing is working.  Any help is greatly appreciated.

Thank you!!
Avatar of doninja
doninja
Flag of United Kingdom of Great Britain and Northern Ireland image

If you are providing SSL on the apache then the connection to domino does not need to also be SSL encrypted as it will loose information as you are finding.
Avatar of ThatNewGuy

ASKER

Donin, Thank you for the response :)

Unfortunately I have also tried that route but according to IBM support SSL must be enabled on Domino to allow for CAC authentication so I have to configure it this way :(
ASKER CERTIFIED SOLUTION
Avatar of ThatNewGuy
ThatNewGuy
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
I found the solution; therefore I posted it so that others who may need this information have it and then I accepted it as my answer.