Question

Apache reverse proxy with spring boot on 443

I’m working on a Spring Boot application and I need to use a reverse proxy to redirect 8080 to 443 so I can access like https://example.com but I don’t seem to get the correct configuration and I keep getting a 500 error.

After a lot of searching I’m not able to find the root of the error. While reading I came up with the following configuration in /etc/apache2/sites-available/000-default.conf (letsencrypt edited the last few lines of each virtual host).

I already have ssl and proxy modules loaded. If I run a2ensite default-ssl then I get the apache page with https. I tried migrating my config to that file but still fails but only when adding this line: ProxyPass / http://example.com:8080/, other configuration still loads the apache website.

<VirtualHost *:80>
    ServerName example.com
    ServerAlias www.example.com
    Redirect permanent / https://example.com/
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
    ProxyRequests Off
    RewriteEngine on
    RewriteCond %{SERVER_NAME} =www.mysite.com [OR]
    RewriteCond %{SERVER_NAME} =mysite.com
    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<VirtualHost *:443>
    ServerName example.com
    ServerAlias www.example.com
    SSLEngine on
    SSLProxyEngine on
    ProxyRequests off
    ProxyPreserveHost on
    ProxyPass / http://example.com:8080/
    ProxyPassReverse / http://example.com:8080/
    SSLProtocol All -SSLv2 -SSLv3
    Include /etc/letsencrypt/options-ssl-apache.conf
    SSLCertificateFile /etc/letsencrypt/live/example.com-0001/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/example.com-0001/privkey.pem
</VirtualHost>

What am I missing?

BTW: accessing http://example.com:8080 works fine


Submit an answer


This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Bobby Iliev
Site Moderator
Site Moderator badge
January 14, 2024
Accepted Answer

Hi there,

The 500 error suggests there’s a misconfiguration somewhere. Let’s go through your configuration and see what might be causing the issue.

  1. ProxyPass Configuration: The line ProxyPass / http://example.com:8080/ in your <VirtualHost *:443> block is correct in theory. It should forward all requests from HTTPS (port 443) to your Spring Boot app running on HTTP (port 8080). However, using example.com in ProxyPass and ProxyPassReverse might sometimes cause issues. Try replacing example.com with localhost or the actual IP address of the server where Spring Boot is running:

    ProxyPass / http://localhost:8080/
    ProxyPassReverse / http://localhost:8080/
    
  2. Check Apache Logs: The Apache error log can provide more specific information about the 500 error. Check the contents of your error log (/var/log/apache2/error.log or as specified in your configuration) for any relevant error messages when you try to access your site.

  3. Spring Boot Application Properties: Ensure your Spring Boot application is configured to allow connections from Apache. In your application.properties or application.yml, make sure the server address is not restricted to localhost:

    server.address=0.0.0.0
    

    This allows your Spring Boot application to accept connections from other IPs, such as your Apache server.

  4. SSL Configuration: Double-check your SSL configurations. The SSLCertificateFile and SSLCertificateKeyFile should point to the correct Let’s Encrypt certificates. Also, make sure the paths are correct and the files are accessible by Apache.

  5. Ensure Apache Modules Are Enabled: Make sure that all the necessary modules for proxying are enabled. You can do this by running:

    sudo a2enmod proxy
    sudo a2enmod proxy_http
    sudo a2enmod ssl
    sudo systemctl restart apache2
    

After making any changes, remember to restart Apache to apply them:

sudo systemctl restart apache2

If these steps don’t resolve the issue, the Apache error log should be your primary source of information for further troubleshooting. The exact error message will guide you to a more specific solution, feel free to share it here so I can try to advise you furhter!

Best,

Bobby

Try DigitalOcean for free

Click below to sign up and get $200 of credit to try our products over 60 days!

Sign up

Get our biweekly newsletter

Sign up for Infrastructure as a Newsletter.

Hollie's Hub for Good

Working on improving health and education, reducing inequality, and spurring economic growth? We'd like to help.

Become a contributor

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

Welcome to the developer cloud

DigitalOcean makes it simple to launch in the cloud and scale up as you grow — whether you're running one virtual machine or ten thousand.

Learn more
DigitalOcean Cloud Control Panel