Re: Reverse proxy to a website with HTTPS

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hello Paul,

Thanks for thinking along.

The message that you get when you visit my domain is either from the browser of from a self-signed certificate.


When I run 'certbot certificates' I get the message that my certificate for the domain 'nextcloud.jeroenverhoeckx.com' is installed correctly:

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Found the following certs:
  Certificate Name: nextcloud.jeroenverhoeckx.com
    Serial Number: 4ea13a22d840b7cb7f5484af061a8833ff0
    Key Type: RSA
    Domains: nextcloud.jeroenverhoeckx.com
    Expiry Date: 2021-11-20 18:29:37+00:00 (VALID: 89 days)
    Certificate Path: /etc/letsencrypt/live/nextcloud.jeroenverhoeckx.com/fullchain.pem
    Private Key Path: /etc/letsencrypt/live/nextcloud.jeroenverhoeckx.com/privkey.pem
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -


Conclusion: I do have a valid certificate for the subdomain.






‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐

On Monday, August 23rd, 2021 at 12:49 AM, Paul <stormy22@xxxxxxxxx> wrote:

> On 2021-08-22 4:41 p.m., Scott Trakker wrote:
>
> > Hello Apache administrators!
> >
> > In summary I have the following question:
> >
> > /How do I correctly configure a reverse proxy that redirects to a
> >
> > website with HTTPS?/
> >
> > My set-up
> >
> > A RHEL server (host) with one virtual machine.
> >
> > The website is running on the virtual machine (also RHEL).
> >
> > Virtual host file on the host
> >
> > ServerName localhost
> >
> > DocumentRoot /var/www/html/
> >
> > <VirtualHost *:80 >
> >
> >     ServerName [my.domain.com]
> >
> >     ProxyPreserveHost On
> >
> >     ProxyPass / http://192.168.122.246/ http://192.168.122.246/
> >
> >     ProxyPassReverse / http://192.168.122.246/ http://192.168.122.246/
> >
> > </VirtualHost>
> >
> > <VirtualHost *:443 >
> >
> >     ServerName [my.domain.com]
> >
> >     SSLProxyEngine on
> >
> >     ProxyPreserveHost On
> >
> >     ProxyPass / https://192.168.122.246/ https://192.168.122.246/
> >
> >     ProxyPassReverse / https://192.168.122.246/ https://192.168.122.246/
> >
> > </VirtualHost>
> >
> > Virtual host file on the virtual machine
> >
> > ServerName localhost
> >
> > <VirtualHost *:80 >
> >
> >     ServerName [my.domain.com]
> >
> >     DocumentRoot /var/www/html/
> >
> >     RewriteEngine on
> >
> >     RewriteCond %{SERVER_NAME} =[my.domain.com]
> >
> >     RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI
> >
> > https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
> >
> > </VirtualHost>
> >
> > <VirtualHost *:443>
> >
> >     ServerName [my.domain.com]
> >
> >     DocumentRoot /var/www/html/
> >
> >     SSLCertificateFile
> >
> > /etc/letsencrypt/live/[my.domain.com]/fullchain.pem
> >
> > http://nextcloud.jeroenverhoeckx.com/fullchain.pem
> >
> >     SSLCertificateKeyFile
> >
> > /etc/letsencrypt/live/[my.domain.com]/privkey.pem
> >
> > http://nextcloud.jeroenverhoeckx.com/privkey.pem
> >
> >     Include /etc/letsencrypt/options-ssl-apache.conf
> >
> > </VirtualHost>
> >
> > I installed the SSL certificate with certbot of Let's Encrypt and I got
> >
> > the message that it was installed correctly.
> >
> > Problem
> >
> > When I go to my domain https://nextcloud.jeroenverhoeckx.com/, Firefox
> >
> > tells me that the website isn't secure.
>
> And when I go to https://nextcloud.jeroenverhoeckx.com/ I get:
>
> ... does not trust this site because it uses a certificate that is not
>
> valid for nextcloud.jeroenverhoeckx.com. The certificate is only valid
>
> for IntelNUC.
>
> Maybe you could start with a "valid for your domain" certificate?
>
> Best -- Paul
>
> > Question
> >
> > /What do I need to add to the virtual host file on the host to correctly
> >
> > pass all HTTPS traffic to the virtual host on the virtual machine?/
> >
> > Ideally (if possible) I don't request for another SSL certificate or
> >
> > copy the certificate on the virtual machine to the host.
> >
> > I'm documenting all the steps on a blog post so others can repeat the
> >
> > steps that I make. You can find this blog post here
> >
> > https://jeroenverhoeckx.com/build-your-own-personal-cloud.html (still
> >
> > work in progress / draft).
> >
> > Any help is appreciated! I searched on the internet but couldn't find
> >
> > any good documentation for this specific problem.
> >
> > Your sincerely,
> >
> > Scott Trakker
> >
> > /Support the independent web, use //Firefox/
> >
> > https://www.mozilla.org/en-US/firefox/new/
>
> --
>
> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
>
> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux