Re: Can Apache Forward/Proxy a Port?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Just for those following this or need the same thing. How i got it to work:
-Made ProxyPass/Reverse entries in the default vhost SSL conf
-For users that type http://, in the non-SSL vhost i made a rewrite rule to rewrite http: to https:
-Stop/start apache and test

Actually the http:// rewrite test failed with:
500 internal server error
My rewrite rule is:

RewriteRule ^/(.*) https://%{HTTP_HOST}/ [L]


----- Original Message -----
From: "Chris Arnold" <carnold@xxxxxxxxxxxxxxxxxxx>
To: users@xxxxxxxxxxxxxxxx
Sent: Sunday, November 18, 2012 2:16:42 PM
Subject: Re:  Can Apache Forward/Proxy a Port?

----- Original Message -----
> I have a server that is sharing port 443. I need to use apache on a
> different server to forward/proxy https traffic to another apache
> server running on a different port, 2443. So, a user types in
> https://mail.domain.com and is sent to https://ip.com:2443. Can
> apache do this and keep the URL https://mail.domain.com?

>>What you're looking for is actually called Reverse Proxy and is
>>(of of) mod_proxy's core capabilities.

>>See http://www.apachetutor.org/admin/reverseproxies
>>for Nick Kew's explanation on how to do that.

Thanks for that link. However, the same error i have been getting is the the error i am getting when i follow that link (that error is a 403 Access forbidden).
Actually, i have decided to keep the 443 port on both servers (i think this is possible for apche to work with this). So my vhost looks like:

<VirtualHost *:80>
    ServerAdmin administrator@xxxxxxxxxx
    ServerName mail.teknerds.net

    ProxyPass /    https://mail.domain.net/
    ProxyPassReverse /    https://mail.domain.net/

    # if not specified, the global error log is used
    ErrorLog /var/log/apache2/mail.domain.net-error_log
    CustomLog /var/log/apache2/mail.domain.net-access_log combined

</VirtualHost>

I have tried with and without the ProxyPass entry and SSLProxyEngine On. Both give me the access forbidden. The server doing the proxing seems to look for the directory on itself. Here is the error log:

[Sun Nov 18 13:42:54 2012] [error] (110)Connection timed out: proxy: HTTP: attempt to connect to 192.168.124.3:80 (mail.domain.net) failed
[Sun Nov 18 13:42:54 2012] [error] ap_proxy_connect_backend disabling worker for (mail.domain.net)
[Sun Nov 18 13:42:54 2012] [error] proxy: HTTP: disabled connection for (mail.domain.net)
[Sun Nov 18 13:58:47 2012] [error] Server should be SSL-aware but has no certificate configured [Hint: SSLCertificateFile]

Not sure why it is looking om port 80 as the proxypass/reverse point to https://.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux