Hello everybody. I am new here, was hoping to post a problem I am having, would love to hear some input. I've been dealing with this problem for a while now and it's driving me nuts, haven't been able to find the problem.
I have a gateway server that is running OpenBSD and Apache 2 and is set up with mod_ssl and mod_proxy. The only listen port is 443. I have it configured so that a bunch of requests are handled by a backend server, running on port 4080. Something like https://gateway/resourceA maps to http://backendserver:4080/resourceA. I have ProxyPass to handle requests, and ProxyPassReverse to handle the redirects. However, ProxyPassReverse doesn't seem to be doing it's job, because redirects are not working properly.
Let me explain what I mean. Let's say, for example, that resourceA/test1.html redirects in the backend server to resourceA/test2.html. When I request https://gateway/resourceA/test1.html, I would expect to get https://gateway/resourceA/test2.html. However, instead what happens is that the redirect generates a request on port 80, or http://gateway/resourceA/test2.html. This, of course, times out because my Apache instance on my gateway server is not listening on port 80, nor is my firewall allowing communication on port 80 to this gateway server.
I tried opening up port 80 on my firewall, listening on port 80, and writing some mod_rewrite directives to redirect requests on http:// to https://. This does not work. The redirect generated is still for port 80 (it is not getting re-written to https), and of course it can't find any such resource on the gateway server, so I get a 403 back (which is odd, I would have expected 404, but I am getting a forbidden HTTP code back).
I suspect this has to do with how I am setting up the servername directive. Right now I have it set up as gateway:80 (I am using the actual domain, not the word 'gateway' but the actual domain is not important). If I change it to gateway:443, I get a bunch of errors logged that say "warning: running http over an https port" or something like that.
I don't know if I've said enough to characterize the problem. I've searched the net and usenet groups up and down looking for an answer, but I've yet to find a solution. Please help!!
Thanks,
Daniel
--
Daniel A. Silva
Senior Consultant, PlatinumSolutions, Inc.
PH: 703.471.9793 FAX: 703.471.7140
daniel.silva@xxxxxxxxxxxxxxxxxxxxx
http://www.platinumsolutions.com
This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the email by you is prohibited.