Apache not redirecting from SSL

July 17, 2019 172 views
Apache Ubuntu 16.04

Hey all

I have a Ubuntu server on which sailjs is installed. In order for me to use this backend from another site I need to have the connection encrypted (https). I followed this tutorial.

With sailsjs I need to reroute any incomming connections to 127.0.0.1:1337 which I have done and that works. So after following the tutorial the plain http still works but pointing to the https version just returns the default apache2 screen.

I am not very knowledgeable with these things so it could probably be something stupid. In the code my actual IP has been changed to 1.2.3.4 Please find my configurations attached.

 <VirtualHost *:80>

        ServerAdmin webmaster@localhost
        ServerName 127.0.0.1
        DocumentRoot /var/www/projectName/
        <Directory />
                Options FollowSymLinks
                AllowOverride None
        </Directory>
        <Directory /var/www/projectName/>
                Options Indexes FollowSymLinks MultiViews
                AllowOverride None
                Order allow,deny
                allow from all
                RewriteEngine on

                # Don't rewrite files or directories
                RewriteCond %{REQUEST_FILENAME} -f [OR]
                RewriteCond %{REQUEST_FILENAME} -d
                RewriteRule ^ - [L]

                # Rewrite everything else to index.html
                # to allow html5 state links
                RewriteRule ^ index.html [L]
                AllowOverride All
        </Directory>


        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        ProxyRequests Off

        <Proxy *>
                Order deny,allow
                Allow from all
        </Proxy>

        ProxyPass / http://127.0.0.1:1337
        ProxyPassReverse / http://127.0.0.1:1337

        Redirect "/" "https://1.2.3.4/"
 </VirtualHost>
 <IfModule mod_ssl.c>
        <VirtualHost _default_:443>
                ServerAdmin marco.pieterse@gmail.com
                ServerName 1.2.3.4

                DocumentRoot /var/www/html


                ErrorLog ${APACHE_LOG_DIR}/error.log
                CustomLog ${APACHE_LOG_DIR}/access.log combined


                SSLEngine on

                SSLCertificateFile      /etc/ssl/certs/apache-selfsigned.crt
                SSLCertificateKeyFile /etc/ssl/private/apache-selfsigned.key


                #SSLCertificateChainFile /etc/apache2/ssl.crt/server-ca.crt

                #SSLCACertificatePath /etc/ssl/certs/
                #SSLCACertificateFile /etc/apache2/ssl.crt/ca-bundle.crt


                #SSLCARevocationPath /etc/apache2/ssl.crl/
                #SSLCARevocationFile /etc/apache2/ssl.crl/ca-bundle.crl


                #SSLVerifyClient require
                #SSLVerifyDepth  10


                #SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
                <FilesMatch "\.(cgi|shtml|phtml|php)$">
                             SSLOptions +StdEnvVars
                </FilesMatch>
                <Directory /usr/lib/cgi-bin>
                                SSLOptions +StdEnvVars
                </Directory>


                 BrowserMatch "MSIE [2-6]" \
                                nokeepalive ssl-unclean-shutdown \
                                downgrade-1.0 force-response-1.0

         </VirtualHost>
 </IfModule>

Please let me know if any other files are required.
Thanks

1 Answer
bobbyiliev MOD July 17, 2019
Accepted Answer

Hello,

As far as I can see what could be causing the issue here are two things:

  • the fact that in your HTTP Vhost you have DocumentRoot set to /var/www/projectName/ and in your HTTPS Vhost the DocumentRoot is set to the default one: /var/www/html/ - though this is highly unlikely to be the problem, but you could try channing that.

  • And the more important thing is the fact that you don’t have your Proxy rules in the HTTPS VHost.

You need to make sure that you have the following rules copied to your HTTPS Vhost as well:

        ProxyRequests Off

        <Proxy *>
                Order deny,allow
                Allow from all
        </Proxy>

        ProxyPass / http://127.0.0.1:1337
        ProxyPassReverse / http://127.0.0.1:1337

        Redirect "/" "https://1.2.3.4/"

Hope that this helps!
Bobby

  • Legend! Thanks dude!

  • Just one more problem. So now if I access the site over the https it works. I see the default sailsJS home screen. However, when I make a DB call (example: https://1.2.3.4:1337/users) over 1337 port I get an “ERRSSLPROTOCOL_ERROR”. I’m suspecting that the 1337 should also be included somewhere?

    • Hey,

      I’m happy to hear that it is working now!

      You probably don’t need the 1337 port anymore as Apache is handling that for you at the backend. You can just do the DB calls as normal without adding the port.

      Regards,
      Bobby

Have another answer? Share your knowledge.