Re: More mod_proxy

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

That should be the correct directive to have it ignore the name on the certificate.

Does the target system have an error log showing the connection?
There could be other errors with the SSL handshake besides the name not matching.

- Y

On Thu, Jan 29, 2015 at 6:40 PM, Chris Arnold <carnold@xxxxxxxxxxxxxxxxxxx> wrote:

Apache 2.4.10 on SLES12. I am trying to send https://domain.tld/ifolder to and server running the app. Here is what i have in my ssl vhost:


ProxyPass /ifolder https://domain.tld/ifolder
ProxyPassReverse /ifolder https://domain.tld/ifolder


This results in a 500 in the broswer. Here are the corresponding logs:


[Thu Jan 29 18:27:27.469838 2015] [proxy:error] [pid 17756] (502)Unknown error 502: [client ip:13010] AH01084: pass request body failed to 192.168.123.4:443 (domain.tld)
[Thu Jan 29 18:27:27.469916 2015] [proxy:error] [pid 17756] [client ip:13010] AH00898: Error during SSL Handshake with remote server returned by /ifolder
[Thu Jan 29 18:27:27.469931 2015] [proxy_http:error] [pid 17756] [client ip:13010] AH01097: pass request body failed to 192.168.123.4:443 (domain.tld) from public ip ()
[Thu Jan 29 18:27:27.469947 2015] [proxy:debug] [pid 17756] proxy_util.c(2146): AH00943: HTTPS: has released connection for (domain.tld)


I have read that the SSLProxyCheckPeerName is on bt default. So above the proxypass statements i have SSLProxyCheckPeerName Off. Same error


[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux