Hi,

I hope you can help with this because I am a little bit confused.

I’m running apache 2.2 httpd and want to communicate using ProxyPass and ProxyPassReverse to a secured server which is also HTTPS SSL.

Sample architecture:

Outside world ==> https ssl Apache 2.2 httpd (localhost) ==> Secured server Https ssl (domain.com)
I am the middle man here.

What exactly do I need from them (domain.com) in order for me to configure Apache 2.2 httpd-ssl.conf properly? Do I only need their public key? I don’t think I also need their certificate, otherwise I can generate their private key. I don’t think that’s handy…and insecured.

This is my current configuration for when the outside world visit the middle man apache server.

=======

LoadModule sslmodule modules/modssl.so
LoadModule proxymodule modules/modproxy.so
LoadModule proxyhttpmodule modules/modproxyhttp.so

Listen 8443

<VirtualHost *:8443>
ServerName localhost.localdomain
SSLEngine on
SSLCertificateFile /etc/httpd/conf.d/ssl/server.crt
SSLCertificateKeyFile /etc/httpd/conf.d/ssl/server_priv.pem

ProxyRequests off
SSLProxyEngine on
Loglevel debug

ErrorLog /home/df/Desktop/errorLog443.txt
TransferLog /home/df/Desktop/transferLog443.txt

<Location /gd_endpoint/>
ProxyPass https://domain.com:45093/abc/1.1.0
ProxyPassReverse https://domain.com:45093/abc/1.1.0
Order deny,allow
Deny from all
Allow from all
</Location>