Hi Eric, below is the excerpt from the apache log
------------------------------
[Sun Aug 23 12:24:39 2009] [debug] mod_proxy_http.c(56): proxy: HTTP: canonicalising URL //www.techmed.com/VENDOR/vendor.asmx
[Sun Aug 23 12:24:39 2009] [debug] proxy_util.c(1507): [client interapp_ipaddr] proxy: *: found reverse proxy worker for https://www.techmed.com/VENDOR/vendor.asmx
[Sun Aug 23 12:24:39 2009] [debug] mod_proxy.c(966): Running scheme https handler (attempt 0)
[Sun Aug 23 12:24:39 2009] [debug] mod_proxy_http.c(1960): proxy: HTTP: serving URL https://www.techmed.com/VENDOR/vendor.asmx
[Sun Aug 23 12:24:39 2009] [debug] proxy_util.c(2044): proxy: HTTPS: has acquired connection for (*)
[Sun Aug 23 12:24:39 2009] [debug] proxy_util.c(2102): proxy: connecting https://www.techmed.com/VENDOR/vendor.asmx to www.techmed.com:443
[Sun Aug 23 12:24:39 2009] [debug] proxy_util.c(2195): proxy: connected /VENDOR/vendor.asmx to www.techmed.com:443
[Sun Aug 23 12:24:39 2009] [debug] proxy_util.c(2347): proxy: HTTPS: fam 2 socket created to connect to *
[Sun Aug 23 12:24:39 2009] [error] [client 73.155.40.73] SSL Proxy requested for my_proxyserver:80 but not enabled [Hint: SSLProxyEngine]
[Sun Aug 23 12:24:39 2009] [error] proxy: HTTPS: failed to enable ssl support for 73.155.40.73:443 (www.techmed.com)
[Sun Aug 23 12:24:39 2009] [debug] proxy_util.c(2062): proxy: HTTPS: has released connection for (*)
--------------------------------------------------
--- On Sun, 8/23/09, pe uni <peuni@xxxxxxxxx> wrote:
> From: pe uni <peuni@xxxxxxxxx>
> Subject: Re: (internal app) --http-->apache---https--->(external app)
> To: users@xxxxxxxxxxxxxxxx
> Date: Sunday, August 23, 2009, 2:22 PM
> Hi Eric, thanks for the reply.
> "my application" is the internal application.
> I tried the rewrite rule with P option, still doesn't
> work.
>
> Internal application has the target URL set as
> www.techmed.com/VENDOR/vendor.asmx with port 80 and is
> configured to use
> my_proxy_server : 44444 as the proxy
>
> Goal is --- (my internal appln) ----http--->apache
> ---https with client
> certs---->(www.techmed.com/VENDOR/vendor.asmx)
>
> Here is my httpd.conf... apache logs show
> error "proxy: HTTPS: failed to enable ssl support for
> my_ipaddr:443"
> --------------------------------------
> <VirtualHost my_ipaddr:44444>
> ServerName my_proxy_server
> Options +FollowSymlinks
> ProxyRequests off
>
> RewriteEngine On
> RewriteLogLevel 9
> RewriteLog
> /etc/httpd/logs/rewrite_80_log
> RewriteRule ^/(.*)$
> https://%{HTTP_HOST}%{REQUEST_URI} [P,L]
> </VirtualHost>
>
> <VirtualHost my_ipaddr:443>
> ServerName my_proxy_server
> ServerAlias my_proxy_server
> LogLevel debug
> ProxyRequests Off
> CustomLog /etc/httpd/logs/access_log common
> ErrorLog "|/usr/sbin/rotatelogs
> /etc/httpd/logs/error_log 86400 common"
> TransferLog /etc/httpd/logs/ssl_access_log
>
> SSLEngine On
> SSLCertificateFile
> /etc/httpd/ssl/servercerts/server.CRT
> SSLCertificateKeyFile
> /etc/httpd/ssl/servercerts/server.KEY
> SSLProxyMachineCertificateFile
> /etc/httpd/ssl/clientcerts/client-cert.p12
>
> Proxypass /VENDOR https://www.techmed.com/VENDOR/vendor.asmx ;
> ProxypassReverse /VENDOR https://www.techmed.com/VENDOR/vendor.asmx
> </VirtualHost>
> ---------------------------------------
> Thanks,
> Pe
>
> --- On Sun, 8/23/09, Eric Covener <covener@xxxxxxxxx>
> wrote:
>
> > From: Eric Covener <covener@xxxxxxxxx>
> > Subject: Re: (internal app)
> --http-->apache---https--->(external app)
> > To: users@xxxxxxxxxxxxxxxx
> > Date: Sunday, August 23, 2009, 12:47 PM
> > On Sun, Aug 23, 2009 at 12:04 PM, pe
> > uni<peuni@xxxxxxxxx>
> > wrote:
> > > Hi,
> > > I have a scenario to configure apache to
> handle
> > > (internal
> > app)--http-->apache---https--->(external app)
> > >
> > > My internal app cannot handle SSL and can only
> handle
> > HTTP connections.
> > >
> > > How do i set up apache to handle such a
> scenario?
> > > I tried creating a virtual host listening on
> port
> > 10001 and then used the rewrite rule to change the url
> to
> > https. This works on a browser but fails on my
> applicatin as
> > it cannot handle the HTTPS traffic.
> >
> > You need to proxy, via mod_rewrite with the "P" flag
> or
> > ProxyPass.
> >
> > I assume your "my application" in the final sentence
> refers
> > to the
> > internal app, not the external app -- otherwise it's a
> lost
> > cause.
> >
> >
> > --
> > Eric Covener
> > covener@xxxxxxxxx
> >
> >
> ---------------------------------------------------------------------
> > The official User-To-User support forum of the Apache
> HTTP
> > Server Project.
> > See <URL:http://httpd.apache.org/userslist.html> for more
> > info.
> > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
> > " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
> > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
> >
> >
>
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP
> Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more
> info.
> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
> " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|