[Mongrel] Getting ssl environment to mongrel from apache
snacktime at gmail.com
Thu Aug 3 15:23:34 EDT 2006
On 8/3/06, Zed Shaw <zedshaw at zedshaw.com> wrote:
> On Tue, 2006-07-25 at 10:51 -0700, snacktime wrote:
> > I have apache 1.3 with mod_ssl in front of mongrel/rails. Apache is
> > setup to require client certification, and I'm trying to figure out
> > how to pass the ssl env variables to mongrel. Here is the apache
> > config to proxy requests to mongrel. I haven't tried to pass env
> > variables like this before so I'm not sure if it's the apache config I
> > have wrong, if mongrel isn't picking up the env variables I am
> > setting, or if it's just not possible to do what I'm trying to do.
> > Any guidance would be appreciated.
> Did you get this working yet?
No, but the problem is that I'm using apache 1.3 that doesn't have a
way to set custom headers in the proxy request. 2.X would work, it's
just not an option in this case. In any case it's definitely not a
mongrel issue per say.
Using scgi does work, although I've ran into a different problem where
my app throws a Device Not Configured error when trying to make an
https connection after being idle for a few hours. I have a feeling
something in the mix isn't thread safe, but it's a bit above me to
The next thing I might try is to use pound. It will pass the ssl
client certificate to mongrel/rails where I can just do the
certificate verification manually with openssl.
More information about the Mongrel-users