Thanks for your reply, Working: Intranet(WAN)---HTTP---> apache <---HTTP--> IIS ---> Plumtree Portal SSO (using AD Authentication) Not Working: Intranet(WAN)---HTTPS---> apache <---https---> IIS ----> Plumtree Portal SSO (using AD Authentication) Working: Intranet ---HTTPS---> IIS <---> Plumtree Portal SSO (using AD Authentication) When opening access to the other ITO's on the WAN they will be coming in over https. The reason I need to keep apache on the front door is I'll also have internet traffic coming through the same pipe and need to protect my back-end. Apache will reside in the DMZ. Rod -----Original Message----- From: Boyle Owen [mailto:Owen.Boyle@xxxxxxx] Sent: Friday, December 16, 2005 4:06 AM To: users@xxxxxxxxxxxxxxxx Subject: RE: [users@httpd] Apache 2.0.54 Proxy information request Plain text please... I assume when say "port 443" you mean HTTPS and not that you're just changing the port number under normal HTTP. Your main application is an undefined Single Sign-On authentication scheme. Your set up is: Internet <--HTTPS--> apache <--HTTP--> IIS ...and this works. But when you change to: Internet <--HTTPS--> apache <--HTTPS--> IIS ...it doesn't. So it looks like your SSO application doesn't work via HTTPS. What do you get in the apache and/or IIS logs? Is there any SSO logging? BTW, What happens if you try: DMZ browser <--HTTPS--> IIS Rgds, Owen Boyle Disclaimer: Any disclaimer attached to this message may be ignored. -----Original Message----- From: Rosado, Rodolfo CTR MDA/IOM [mailto:Rodolfo.Rosado.CTR@xxxxxxx] Sent: Donnerstag, 15. Dezember 2005 22:12 To: users@xxxxxxxxxxxxxxxx Subject: [users@httpd] Apache 2.0.54 Proxy information request Hi all, I'm new, have mercy. I've set up an Apache server in my DMZ and it is accessed via port 443 only. I reverse proxy requests to a back-end IIS server and application. My issue is with SSO. I configured my Apache Server in a test environment to accept and reverse proxy requests over port 80 and the information is passed correctly to the IIS server and application and allows the user to SSO. However, when I change this to port 443, the SSO no longer works. I can get to the backend app, but no SSO. Is there something I haven't configured properly? Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a private and personal nature. It is not related to the exchange or business activities of the SWX Group. Le présent e-mail est un message privé et personnel, sans rapport avec l'activité boursière du Groupe SWX. This message is for the named person's use only. It may contain confidential, proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any mistransmission. If you receive this message in error, please notify the sender urgently and then immediately delete the message and any copies of it from your system. Please also immediately destroy any hardcopies of the message. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. The sender's company reserves the right to monitor all e-mail communications through their networks. Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorised to state them to be the views of the sender's company. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx