On 2021-08-22 4:41 p.m., Scott Trakker wrote:
Hello Apache administrators! In summary I have the following question:/How do I correctly configure a reverse proxy that redirects to a website with HTTPS?/*My set-up* A RHEL server (host) with one virtual machine. The website is running on the virtual machine (also RHEL). *Virtual host file on the host* ServerName localhost DocumentRoot /var/www/html/ <VirtualHost *:80 > ServerName [my.domain.com] ProxyPreserveHost On ProxyPass / http://192.168.122.246/ <http://192.168.122.246/> ProxyPassReverse / http://192.168.122.246/ <http://192.168.122.246/> </VirtualHost> <VirtualHost *:443 > ServerName [my.domain.com] SSLProxyEngine on ProxyPreserveHost On ProxyPass / https://192.168.122.246/ <https://192.168.122.246/> ProxyPassReverse / https://192.168.122.246/ <https://192.168.122.246/> </VirtualHost> *Virtual host file on the virtual machine* ServerName localhost <VirtualHost *:80 > ServerName [my.domain.com] DocumentRoot /var/www/html/ RewriteEngine on RewriteCond %{SERVER_NAME} =[my.domain.com]RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI <https://%{SERVER_NAME}%{REQUEST_URI>} [END,NE,R=permanent]</VirtualHost> <VirtualHost *:443> ServerName [my.domain.com] DocumentRoot /var/www/html/SSLCertificateFile /etc/letsencrypt/live/[my.domain.com]/fullchain.pem <http://nextcloud.jeroenverhoeckx.com/fullchain.pem> SSLCertificateKeyFile /etc/letsencrypt/live/[my.domain.com]/privkey.pem <http://nextcloud.jeroenverhoeckx.com/privkey.pem>Include /etc/letsencrypt/options-ssl-apache.conf </VirtualHost>I installed the SSL certificate with certbot of Let's Encrypt and I got the message that it was installed correctly.*Problem*When I go to my domain <https://nextcloud.jeroenverhoeckx.com/>, Firefox tells me that the website isn't secure.
And when I go to <https://nextcloud.jeroenverhoeckx.com/> I get:... does not trust this site because it uses a certificate that is not valid for nextcloud.jeroenverhoeckx.com. The certificate is only valid for IntelNUC.
Maybe you could start with a "valid for your domain" certificate? Best -- Paul
*Question*/What do I need to add to the virtual host file on the host to correctly pass all HTTPS traffic to the virtual host on the virtual machine?/ Ideally (if possible) I don't request for another SSL certificate or copy the certificate on the virtual machine to the host.I'm documenting all the steps on a blog post so others can repeat the steps that I make. You can find this blog post here <https://jeroenverhoeckx.com/build-your-own-personal-cloud.html> (still work in progress / draft).Any help is appreciated! I searched on the internet but couldn't find any good documentation for this specific problem.Your sincerely, Scott Trakker --------------------------------------------------------/Support the independent web, use //Firefox/ <https://www.mozilla.org/en-US/firefox/new/>
--------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|