I created a Self-Signed SSL Certificate for Apache and changed my Apache configuration file on Apache Reverse Proxy Server as below:
<VirtualHost *:80>
ServerName 192.168.56.9
ProxyPreserveHost On
ProxyPass / http://192.168.56.9/
ProxyPassReverse / http://192.168.56.9/
Redirect / https://192.168.56.9/
</VirtualHost>
<VirtualHost *:443>
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/selfsigned.crt
SSLCertificateKeyFile /etc/pki/tls/private/selfsigned.key
</VirtualHost>
But when I browse my Reverse Proxy Server IP, then it is HTTP and not HTTPS. why?
It doesn't show "https://www.tecmint.com/wp-content/uploads/2020/05/SSL-Certificate-Warning.png" error too.
On Monday, April 19, 2021, 03:18:25 PM GMT+4:30, Nick Folino <nick@xxxxxxxxx> wrote:
http://httpd.apache.org/docs/2.4/ssl/
Nick
On Mon, Apr 19, 2021 at 6:37 AM Jason Long <hack3rcon@xxxxxxxxx.invalid> wrote:
> Thank you.
> On my Apache Reverse Proxy, I have a .conf as below:
>
> # cat /etc/httpd/conf.d/reverse_proxy.conf
> <VirtualHost *:80>
> ProxyPreserveHost On
> ProxyPass / http://192.168.56.9/
> ProxyPassReverse / http://192.168.56.9/
> </VirtualHost>
>
>
> And my website configuration file is on "192.168.56.9" server. Thus, if I setup Let's Encrypt on my Apache Reverse Proxy Server, then I just need below lines in a separate .conf file?
>
> <IfModule mod_ssl.c>
> <VirtualHost *:443>
> ServerAdmin root@localhost
> ServerName Example.example
> ServerAlias www.Example.example
> ErrorLog /var/log/httpd/error.log
> CustomLog /var/log/httpd/access.log common
> SSLEngine On
> Include /etc/letsencrypt/options-ssl-apache.conf
> SSLCertificateFile /etc/letsencrypt/live/Example.example/fullchain.pem
> SSLCertificateKeyFile /etc/letsencrypt/live/Example.example/privkey.pem
> </VirtualHost>
> </IfModule>
>
>
> About about self-signed certificate, could above file contain two separate certification?
>
>
>
>
> On Monday, April 19, 2021, 02:48:24 PM GMT+4:30, Michael Wechner <michael.wechner@xxxxxxxxx> wrote:
>
>
>
>
>
> Hi Jason
>
> Definitely "Apache Reverse Proxy (Public IP)", whereas you could use for
> example
>
> https://letsencrypt.org/
> https://certbot.eff.org/
>
> Depending on how your connection between "Apache Reverse Proxy (Public
> IP) ---> Web Site (Internal IP)" is protected, you might also want to
> consider a self-signed certificate for "Web Site (Internal IP)"
>
> HTH
>
> Michael
>
> Am 19.04.21 um 12:07 schrieb Jason Long:
>> Hello,
>> In below diagram, which server must use HTTPS certification?
>>
>> The Internet ---> Apache Reverse Proxy (Public IP) ---> Web Site (Internal IP)
>>
>>
>> Thank you.
>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
>> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx