A Happy New Year!
Here I am again, returning to the tests I've stared last year.
To recap, what I would like to achieve is to use delegated as a reverse
SSL proxy, which authenticates SSL clients based on personal
Based on the previously exchanged messages, I've been able to achieve
- compile delegated on a Linux PC and test it as a regular http proxy
- compile SSLeay and sslway, generate the server certificates based on
http://wall.etl.go.jp/mail-lists/delegate-en/44, run delegated as a
SSL proxy and establish an non authenticated SSL connection between
my browser (MSIE) and delegated
- running "delegated -ac -client_auth" my browser's request was rejected
not having the appropriate certificate
What I was unable to achieve was to add a client certificate to my
generated by using only SSLeay (actually using CA.sh, a shell wrapper
included in the distribution)
I've only been able to get those browser certificates installed in both
MSIE and NS by using the information provided in the following
Which documents basically say that there is something wrong with the
way SSLeay creates the certificates and provide a fix which works.
Getting back to delegated and using my newly generated cacert.pem and
certificates I'm unable to get the authentication working and I'm back
original behavior, when each time the client initiates a request, on the
I'm prompted for a password (presumably because the cakey.pem is not
I'm wondering if after such a long message I still can get any
and more than that, some new suggestions.