Re: Apache as reverse proxy for internal IIS web server

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 3/14/2014 3:39 PM, Bill Beattie wrote:

Hello,

Pardon my ignorance as I am new to Apache.

 

We would like to use Apache 2.4 as a reverse proxy (located outside firewall) to an internal IIS web server hosting an SSL based website.

The basic install of Apache has been completed, running on a Windows 2008 R2 box.  I am using a compiled version of Apache.

The IIS webserver is running on Windows 2008 R2.

Question is should the SSL certificate be installed on the IIS webserver, having the reverse proxy just direct traffic to it OR should the SSL certificate be installed on the reverse proxy? Which method is best for security? What steps are involved to configure the Apache reverse proxy to make it work?

I have spent a lot of time already reading through many documents, etc but I cannot find any relating to my scenario.

Thank you very much for your time.  It is greatly appreciated!


Hi, Bill;
   Since the reverse proxy (httpd 2.4) is the server that will be handling the connection with the client, you will want to configure SSL on the reverse proxy.

Tip: Configuration of SSL between httpd and IIS is optional but may be a good idea if IIS ever generates a full link or redirect. When httpd generates such things, it uses the protocol that it answered (so if you speak cleartext to apache, the Location header will have http://). My guess is that IIS would behave similarly.

-- 
Daniel Ruggeri
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux