apache做双向认证反向代理

1.源码安装apache
 下载apr-1.5.2.tar.gz、 apr-util-1.5.4.tar.gz、 httpd-2.4.17.tar.gz、 pcre-8.37.tar.gz
 将以上源码包上传服务器随意路径
 解压:
  tar zxvf apr-1.5.2.tar.gz
  tar zxvf apr-util-1.5.4.tar.gz 
  tar zxvf httpd-2.4.17.tar.gz 
  tar zxvf pcre-8.37.tar.gz
 安装：(编译器安前安装gcc-c++：yum -y install gcc-c++)
  cd pcre-8.37
  ./configure ;make ;make install
  cd apr-1.5.2
  ./configure ;make ;make install
  cd apr-util-1.5.4
  ./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr
  make
  make install
  cd httpd-2.4.17
  ./configure --prefix=/usr/local/apache --with-apr=/usr/local/apr --with-apr-util=/usr/local/apr-util --enable-shared=max  --enable-module=rewirte  --enable-module=so --enable-mods-shared=all
  make
  make install
2.配置双向认证
  将所需全部证书上传到/usr/local/apache/ssl
  cd /usr/local/apache/conf
  vim httpd.conf
   取消 LoadModule ssl_module modules/mod_ssl.so   
        Include conf/extra/httpd-ssl.conf 
   前面的注释（删除#）
   :wq
  cd /usr/local/apache/conf/extra
  vim httpd-ssl.conf
   将SSLSessionCache        "shmcb:/usr/local/apache/logs/ssl_scache(512000)"  注释
   SSLCertificateFile "/usr/local/apache/ssl/mykey.crt" 配置服务端crt证书
   SSLCertificateKeyFile "/usr/local/apache/ssl/mykey.key" 配置服务端key
   SSLCertificateChainFile "/usr/local/apache/ssl/serverca.crt" 配置服务点证书链
   SSLCACertificatePath "/usr/local/apache/ssl/" 客户端证书路径
   SSLCACertificateFile "/usr/local/apache/ssl/ca.crt"  配置客户端证书
   取消SSLVerifyClient require   
       SSLVerifyDepth  10
   此两行前的注释。
   :wq
3.配置反向代理
  cd /usr/local/apache/conf
  vim httpd.conf 
  取消  LoadModule proxy_module modules/mod_proxy.so
        LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
LoadModule proxy_http_module modules/mod_proxy_http.so
  前的注释
  cd /usr/local/apache/conf/extra
  vim httpd-ssl.conf
  在结尾</VirtualHost>前添加如下内容(例如将本机https://127.0.0.1/ 代理腾讯主页)
  ProxyPass / http://www.qq.com/
  ProxyPassReverse /  http://www.qq.com/
  ProxyPassReverseCookieDomain www.qq.com 127.0.0.1
  :wq