I think we need to get some things
clear.
You want your apache to run as a
forward proxy server for both port 80 and 443. By this i am assuming that you
want your browser to reach both port 80 and port 443 on any remote webserver via
your proxy server.
To do this you need to run apache as
a proxy on only one port. In your browser you just need to set proxy to
your proxy's (the machine where u are running apache as a proxy) name or ip and
the port to 80. In addition tick the option in your browser which says use the
same proxy for all protocols. This will ensure that your browser will work
fine.
This is how a proxy
works:
======== plain HTTP
request
==================== proxy sends request to remote
webserver
==================
Browser
<--------------------------------------> proxy running on any
port
<---------------------------------------------------------------->
remote webserver
======== proxy sends
response ==================== remote
webserver sends response back to
==================
displays back to
browser proxy can
check if its a valid back to
proxy
remote webserver processes
response. request and from an
allowed the
request and sends response
if it has
requested
machine. it also establishes
a secure
tunnel
a tunnel if the browser has
then it
validates
requested access to a secure
the security of
the
(SSL) page. proxy can also scan
tunnel
and directly
the response from the webserver
communicates with
the
and check if its valid and allowed.
remote webserver via the
tunnel established
through
the proxy.
i think you can delete the entire
section on virtual host :443. Unless you want to run 2 proxy servers: one
running on port 80 and one running on port 443.
apache dosent assume anything! its
all waiting to be configured :) but you are probably right that on
port 443 an ssl enabled server is being started by default. this is quite a
likely scenario in most default apache configurations.
Also i doubt you would require the
AllowCONNECT to port 80 since usually webservers do not run secure servers on
port 80. The AllowCONNECT is only to allow the browser to establish a secure
tunnel on those ports. If a secure tunnel is being established the proxy cannot
check the request or the response for validity and security.
Hope this helps.
Cheers,
Emmanuel
|