Apache Proxy https

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi
can some one help me on this , i am trying to configure Apache as forward proxy so that  client can connect to the HTTPS url , below is my configuration , i get 403 when connecting to HTTPS urls , i can  connect to  http url without any issues if i update below vhost with <Proxy "http://example.com"> my apache version is 2.4

Vhost  configuration

Listen xxx.xx.xxx.x:8082
 
<VirtualHost  xxx.xx.xxx.x:8082>
ServerName      testnew1.com
 ProxyRequests On
ProxyVia On
SSLProxyEngine On
<Proxy "*">
Require all denied
</Proxy>
<Proxy "https://example.com">
ProxySet connectiontimeout=5 timeout=30
Require all granted
</Proxy>
</VirtualHost>






error log

[Tue Mar 13 14:33:10.305463 2018] [ssl:debug] [pid 28530] ssl_engine_pphrase.c(181): AH02199: SSL not enabled on vhost testnew1.com:80, skipping SSL setup
[Tue Mar 13 14:33:10.437213 2018] [ssl:debug] [pid 28530] ssl_engine_pphrase.c(181): AH02199: SSL not enabled on vhost testnew1.com:80, skipping SSL setup
[Tue Mar 13 14:33:10.479295 2018] [proxy:debug] [pid 28536] proxy_util.c(1843): AH00925: initializing worker https://example.com shared
[Tue Mar 13 14:33:10.479327 2018] [proxy:debug] [pid 28536] proxy_util.c(1885): AH00927: initializing worker https://example.com local
[Tue Mar 13 14:33:10.479394 2018] [proxy:debug] [pid 28536] proxy_util.c(1936): AH00931: initialized single connection worker in child 28536 for (example.com)
[Tue Mar 13 14:33:10.479428 2018] [proxy:debug] [pid 28536] proxy_util.c(1843): AH00925: initializing worker proxy:forward shared
[Tue Mar 13 14:33:10.479438 2018] [proxy:debug] [pid 28536] proxy_util.c(1885): AH00927: initializing worker proxy:forward local
[Tue Mar 13 14:33:10.479477 2018] [proxy:debug] [pid 28536] proxy_util.c(1936): AH00931: initialized single connection worker in child 28536 for (*)
[Tue Mar 13 14:33:10.493164 2018] [proxy:debug] [pid 28537] proxy_util.c(1843): AH00925: initializing worker https://example.com shared
[Tue Mar 13 14:33:10.493195 2018] [proxy:debug] [pid 28537] proxy_util.c(1885): AH00927: initializing worker https://example.com local
[Tue Mar 13 14:33:10.493263 2018] [proxy:debug] [pid 28537] proxy_util.c(1936): AH00931: initialized single connection worker in child 28537 for (example.com)
[Tue Mar 13 14:33:10.493298 2018] [proxy:debug] [pid 28537] proxy_util.c(1843): AH00925: initializing worker proxy:forward shared
[Tue Mar 13 14:33:10.493309 2018] [proxy:debug] [pid 28537] proxy_util.c(1885): AH00927: initializing worker proxy:forward local
[Tue Mar 13 14:33:10.493351 2018] [proxy:debug] [pid 28537] proxy_util.c(1936): AH00931: initialized single connection worker in child 28537 for (*)
[Tue Mar 13 14:33:10.496458 2018] [proxy:debug] [pid 28538] proxy_util.c(1843): AH00925: initializing worker https://example.com shared
[Tue Mar 13 14:33:10.496488 2018] [proxy:debug] [pid 28538] proxy_util.c(1885): AH00927: initializing worker https://example.com local
[Tue Mar 13 14:33:10.496556 2018] [proxy:debug] [pid 28538] proxy_util.c(1936): AH00931: initialized single connection worker in child 28538 for (example.com)
[Tue Mar 13 14:33:10.496590 2018] [proxy:debug] [pid 28538] proxy_util.c(1843): AH00925: initializing worker proxy:forward shared
[Tue Mar 13 14:33:10.496601 2018] [proxy:debug] [pid 28538] proxy_util.c(1885): AH00927: initializing worker proxy:forward local
[Tue Mar 13 14:33:10.496643 2018] [proxy:debug] [pid 28538] proxy_util.c(1936): AH00931: initialized single connection worker in child 28538 for (*)
[Tue Mar 13 14:33:10.500193 2018] [proxy:debug] [pid 28539] proxy_util.c(1843): AH00925: initializing worker https://example.com shared
[Tue Mar 13 14:33:10.500226 2018] [proxy:debug] [pid 28539] proxy_util.c(1885): AH00927: initializing worker https://example.com local
[Tue Mar 13 14:33:10.500296 2018] [proxy:debug] [pid 28539] proxy_util.c(1936): AH00931: initialized single connection worker in child 28539 for (example.com)
[Tue Mar 13 14:33:10.500333 2018] [proxy:debug] [pid 28539] proxy_util.c(1843): AH00925: initializing worker proxy:forward shared
[Tue Mar 13 14:33:10.500344 2018] [proxy:debug] [pid 28539] proxy_util.c(1885): AH00927: initializing worker proxy:forward local
[Tue Mar 13 14:33:10.500400 2018] [proxy:debug] [pid 28539] proxy_util.c(1936): AH00931: initialized single connection worker in child 28539 for (*)
[Tue Mar 13 14:33:10.504005 2018] [proxy:debug] [pid 28535] proxy_util.c(1843): AH00925: initializing worker https://example.com shared
[Tue Mar 13 14:33:10.504035 2018] [proxy:debug] [pid 28535] proxy_util.c(1885): AH00927: initializing worker https://example.com local
[Tue Mar 13 14:33:10.504105 2018] [proxy:debug] [pid 28535] proxy_util.c(1936): AH00931: initialized single connection worker in child 28535 for (example.com)
[Tue Mar 13 14:33:10.504141 2018] [proxy:debug] [pid 28535] proxy_util.c(1843): AH00925: initializing worker proxy:forward shared
[Tue Mar 13 14:33:10.504152 2018] [proxy:debug] [pid 28535] proxy_util.c(1885): AH00927: initializing worker proxy:forward local
[Tue Mar 13 14:33:10.504191 2018] [proxy:debug] [pid 28535] proxy_util.c(1936): AH00931: initialized single connection worker in child 28535 for (*)
[Tue Mar 13 14:33:24.883644 2018] [core:debug] [pid 28536] vhost.c(1170): [client 172.16.135.4:57782] AH02417: Replacing host header 'example.com:443' with host 'example.com:443' given in the request uri
[Tue Mar 13 14:33:24.884073 2018] [authz_core:debug] [pid 28536] mod_authz_core.c(809): [client 172.16.135.4:57782] AH01626: authorization result of Require all denied: denied
[Tue Mar 13 14:33:24.884090 2018] [authz_core:debug] [pid 28536] mod_authz_core.c(809): [client 172.16.135.4:57782] AH01626: authorization result of <RequireAny>: denied
[Tue Mar 13 14:33:24.884099 2018] [authz_core:error] [pid 28536] [client 172.16.135.4:57782] AH01630: client denied by server configuration: proxy:example.com:443
(END)




curl test
 * About to connect() to proxy xxx.xx.xxx.x port 8082 (#0)
*   Trying xxx.xx.xxx.x..
* Connected to xxx.xx.xxx.x (xxx.xx.xxx.x) port 8082 (#0)
* Establish HTTP proxy tunnel to example.com:443
> CONNECT example.com:443 HTTP/1.1
> Host: example.com:443
> User-Agent: curl/7.29.0
> Proxy-Connection: Keep-Alive
>
< HTTP/1.1 403 Forbidden
HTTP/1.1 403 Forbidden
< Date: Tue, 13 Mar 2018 14:51:50 GMT
Date: Tue, 13 Mar 2018 14:51:50 GMT
< Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
< Content-Length: 216
Content-Length: 216
< Content-Type: text/html; charset=iso-8859-1
Content-Type: text/html; charset=iso-8859-1
<
 
* Received HTTP code 403 from proxy after CONNECT
* Connection #0 to host xxx.xx.xxx.x left intact
curl: (56) Received HTTP code 403 from proxy after CONNECT
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux