Question
Apache ProxyPass and ReverseProxy to a SSL HTTPS configured domain.
- Posted on March 4, 2015
- ApacheFirewall
Asked by Kelvin Farro
Hi,
I hope you can help with this because I am a little bit confused.
I’m running apache 2.2 httpd and want to communicate using ProxyPass and ProxyPassReverse to a secured server which is also HTTPS SSL.
Sample architecture:
Outside world ==> https ssl Apache 2.2 httpd (localhost) ==> Secured server Https ssl (domain.com) I am the middle man here.
What exactly do I need from them (domain.com) in order for me to configure Apache 2.2 httpd-ssl.conf properly? Do I only need their public key? I don’t think I also need their certificate, otherwise I can generate their private key. I don’t think that’s handy…and insecured.
This is my current configuration for when the outside world visit the middle man apache server.
=======
LoadModule sslmodule modules/modssl.so LoadModule proxymodule modules/modproxy.so LoadModule proxyhttpmodule modules/modproxyhttp.so
Listen 8443
<VirtualHost *:8443> ServerName localhost.localdomain SSLEngine on SSLCertificateFile /etc/httpd/conf.d/ssl/server.crt SSLCertificateKeyFile /etc/httpd/conf.d/ssl/server_priv.pem
ProxyRequests off SSLProxyEngine on Loglevel debug
ErrorLog /home/df/Desktop/errorLog_443.txt TransferLog /home/df/Desktop/transferLog_443.txt
<Location /gd_endpoint/> ProxyPass https://domain.com:45093/abc/1.1.0 ProxyPassReverse https://domain.com:45093/abc/1.1.0 Order deny,allow Deny from all Allow from all </Location>
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Want to learn more? Join the DigitalOcean Community!
Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.
Hi @PokerFace,
It’s indeed a strange configuration, usually, the application you are Proxy redirected is on your Droplet rather than outside of it. If it’s possible I’ll suggest such one.
As for a solution, I see you’ve found one and it’s indeed working, I’ve tested it out. Having said that, as said earlier, I’ll recommend to avoid such scenarios wherever possible.
After doing some digging on this particular need I was able to find this thread on the Ubuntu forums which outlines the same problem and provides a solution with an example configuration file known to be working.