hi , sorry in advance for my poor english.
i'm using revers proxy with apache 2 for secure owa or any web app on my organisation.
i use for exemple this directive for auth to access my webmail.
if astaro can do this is great using astaro certificate etc...
SSLProxyEngine on
SecRuleInheritance Off
ServerName webmail.mairie-lognes.fr
ProxyPass / https://internal-mail-ip/
ProxyPassReverse / https://internal-mail-ip//
SSLEngine on
SSLCertificateFile /etc/ssl/apache/webmail.internal.fr-cert.pem
SSLCertificateKeyFile /etc/ssl/apache/webmail.internal.fr-key.pem
SSLVerifyClient require
SSLCACertificatePath /etc/ssl/apache
SSLCACertificateFile /etc/ssl/apache/cacert.crt
if astaro can use this exemple for ssl cert auth require in reverse proxy mode as i do with apache 2 that would be nice using internal astaro certificate , is more easy to manage who have right to access to owa or other web application ( like financial full web app as i have on my organisation ) from internet.
in my opinion is the best way to secure access to the web application or webmail from the internet.
