[users@httpd] Secure Apache proxy chaining

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Guys and gals,

Background - I am trying to chain together two Apache servers (server1 
running Sol 9 Apache 2.0.47, server2 running Sol 9 Apache 2.0.55) for 
certain sites. Due to security restrictions within the customers network, 
I need to access the web interface of one of their appliances through the 
two apache proxy servers mentioned above. The scenario is:

Workstation -> Apache1.custnet.com -> Apache2.custnet.com -> 
Appliance.custnet.com

The appliance will accept the initial connection on port 80, then kick off 
a secure 443 session. I am able to use the following scenario 
successfully:

Workstation -> Apache2.custnet.com -> Appliance.custnet.com

>From what I can see in the error_log (LogLevel debug), for the second 
scenario the workstation is prompted to accept a secure connection and 
proceeds to login over a secure 443 session - the first scenario does not 
do this - it is as if the request for a secure connection is not being 
passed back down the chain.

Relevant Configuration (changed to protect the innocent):
Apache1.custnet.com
        (httpd.conf)
        ProxyRequests On
        <Proxy *>
                Order Deny, Allow
                Deny from all
                Allow from all
        </Proxy>
        ProxyRemote http://appliance1.custnet.com 
http://apache2.custnet.com

        Compiled in modules:
          core.c
          mod_access.c
          mod_auth.c
          mod_include.c
          mod_log_config.c
          mod_env.c
          mod_setenvif.c
          mod_proxy.c
          proxy_connect.c
          proxy_ftp.c
          proxy_http.c
          prefork.c
          http_core.c
          mod_mime.c
          mod_status.c
          mod_autoindex.c
          mod_asis.c
          mod_cgi.c
          mod_negotiation.c
          mod_dir.c
          mod_imap.c
          mod_actions.c
          mod_userdir.c
          mod_alias.c
          mod_so.c

Apache2.custnet.com
        (httpd.conf)
        ProxyRequests On
                <Proxy *>
                Order Deny, Allow
                Deny from all
                Allow from all
        </Proxy>

        Compiled in modules:
          core.c
          mod_access.c
          mod_auth.c
          mod_include.c
          mod_log_config.c
          mod_env.c
          mod_setenvif.c
          mod_proxy.c
          proxy_connect.c
          proxy_ftp.c
          proxy_http.c
          prefork.c
          http_core.c
          mod_mime.c
          mod_status.c
          mod_autoindex.c
          mod_asis.c
          mod_cgi.c
          mod_negotiation.c
          mod_dir.c
          mod_imap.c
          mod_actions.c
          mod_userdir.c
          mod_alias.c
          mod_so.c

What am I missing - I tried to google this scenario but can only find 
chained http examples. Any direction would be helpful.

Regards,

------------------------------------------------------------------------------
Graham Trigge
IT Technical Specialist
Server Support
Telstra Australia

Office:  (02) 9201 9577
Mobile: 0409 654 434

"Time flies like an arrow, but fruit flies like a banana"


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux