Ah, thanks, so it is possible! I thought it wasn't possible (but hoped it would be) because the reverse proxy could be seen as a 'man in the middle attach'. But great to know that it is possible! What is the minimal configuration for such a setup? You need the directives ProxyPass, ProxyPassReverse and ProxyPreserveHost? Is the directive SSLProxyEngine also necessary? -------------------------------------------------------- Support the independent web, use Firefox ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Wednesday, January 12th, 2022 at 4:47 PM, Marc <Marc@xxxxxxxxxxxxxxxxx> wrote: > You can just do that. I have also certs behind a reverse proxy. My whole 'virtual/internal' applications in containers is running with my own CA certificates and on the reverse proxy I have some certs from known CA's > > Specific for this setup is a proxy protocol, that informs the public ip addresses instead of local ones. > > Best is it to ask on something like the haproxy community. > > > My question: > > > > Would it have been possible to install the SSL certificates in the virtual > > > > machines? > > > > As far as I know, no, because then the reverse proxy can be seen as a 'man > > > > in the middle attack'. > > > > This is why I configured the SSL certificates on the host, and as far as I > > > > know this is also how it should be (after reading some articles about it > > > > on the internet). > > > > I do however also found the Apache directive SSLProxyEngine > > > > https://httpd.apache.org/docs/2.2/mod/mod_ssl.html#SSLProxyEngine . Is > > > > it possible with this directive the install/configure the SSL certificates > > > > inside the virtual machines? > > > > I'm curious :-)! --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|