ProxyPass directive or the [P] flag to the RewriteRule directive. It is not necessary to turn ProxyRequests on in order to configure a reverse proxy.Hello
WE are trying to setup HTTPS tunnelling to a backend server through Apache proxy but we are finding the client connect but Apache does not send through the traffic the backend server.
The config we have on our Apache proxy virtual host is
<VirtualHost 172.19.1.136:443>
DocumentRoot "/usr/local/apache2221/htdocs/ibcm/"
ServerName test.testdom.local
ErrorLog logs/ibcm
ServerAdmin webmaster@testdom.local
ProxyRequests On
AllowConnect 443
SSLEngine on
SSLHonorCipherOrder On
SSLProtocol -ALL +SSLv3 +TLSv1
SSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM
SSLCertificateFile "/etc/ssl/crt/ibcm.crt"
SSLCertificateKeyFile "/etc/ssl/crt/testdom.key"
SSLCertificateChainFile "/etc/ssl/crt/CA-DOM.crt"
<proxy *>
Order deny,allow
Deny from all
</proxy>
<ProxyMatch (webssl.testdom.com|192.168.50.100)>
Order deny,allow
Allow from all
</ProxyMatch>
</VirtualHost>
Anybody know what we are not doing correctly. Also we found Apache would not start without us putting in the root certificate. Thought it would not need any certificate for tunnelling so wonder if we have missed something.
Nagu Sittampalam | Security Team Leader , IT Solutions Division | Southampton Strategic Services Partnership | Landline: 02380 833012 | Fax: 02380 832973 | e-mail Nagu.Sittampalam@xxxxxxxxxxxxxxxxxx | e-mail Nagu.Sittampalam@xxxxxxxxxxxx | post Capita ITS, 1st Floor, One Guildhall Square, Above Bar, Southampton, SO14 7FP
This email and any files transmitted with it are confidential, and may be subject to legal privilege, and are intended solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error or think you may have done so, you may not peruse, use, disseminate, distribute or copy this message. Please notify the sender immediately and delete the original e-mail from your system.
|