This is my ssl.conf
<IfDefine SSL>
Listen 0.0.0.0:443
AddType
application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLPassPhraseDialog builtin
SSLSessionCache dbm:
/var/run/apache2/ssl_scache
SSLSessionCacheTimeout 300
SSLMutex file:
/var/run/apache2/ssl_mutex
<VirtualHost *:443>
DocumentRoot
"/var/apache2/htdocs"
ServerAdmin sergio.giovanni.capponi@xxxxxx
ErrorLog /var/apache2/logs/error_log
TransferLog
/var/apache2/logs/access_log
SSLEngine on
SSLCipherSuite ALL:!ADH:!
EXPORT56:-AES256-SHA:-DHE-RSA-AES256-SHA:-DHE-DSS-AES256-SHA:RC4+RSA:
+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile
/etc/apache2/ssl.crt/server.crt
SSLCertificateKeyFile /etc/apache2/ssl.
key/server.key
<FilesMatch "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/var/apache2/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
SetEnvIf User-Agent ".*MSIE.*"
\
nokeepalive ssl-unclean-shutdown \
downgrade-1.0
force-response-1.0
CustomLog /var/apache2/logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
ProxyRequests Off
ProxyRemote * http://10.10.10.10:8080
ProxyPass /
https://test.external.it:443/
ProxyPassReverse / https://test.external.
it:443/
</VirtualHost>
</IfDefine>
The SSL connection work.
The problem is
I wish that when the apache
must connect to https://test.external.it:443 pass through the proxy
http://10.10.10.10:8080.
Thank's
Giovanni
----Messaggio
originale----
Da: i.galic@xxxxxxxxxxxxxx
Data: 01/12/2010 13.14
A:
<users@xxxxxxxxxxxxxxxx>, <daytan379@xxxxxxxxxx>
Ogg: Re:
Apache 2.0 reverse proxy
----- daytan379@xxxxxxxxxx wrote:
> I
install
> Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.7d DAV/2 on
> solaris platform.
>
> I want configure my apache how reverse
proxy.
> I want to configure my reverse proxy as a https site. But to
reach that
> site, https must go through an http proxy.
This doesn't
make *any* sense (to me).
> I have configured
>
> On
>
SSLProxyEngine
> ServerName myserver
> ProxyPass / https://test:443/
>
> ProxyPassReverse / https://test:443/
What
>
SSLProxyCACertificateFile # / etc
is
> / apache / ssl.crt / cacerts.
crt
This?
> * ProxyRemote http://10.10.10.10.:8080
It looks broken,
one way or the other. Please paste your
*real* configuration.
The only
thing that I can read from it is that:
ProxyRemote takes two arguments,
hence the error.
You shouldn't need ProxyRemote at all in your
configuration.
Or am I misunderstanding your set-up?
> But when I
try to connect I receive on Error log
> [Wed Dec 01 09:51:40
> 2010]
[notice] Digest: generating secret for digest authentication
> ...
>
>
[Wed Dec 01 09:51:40 2010] [notice] Digest: done
> [Wed Dec 01 09:51:
40
> 2010] [notice] Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.7d
> DAV/2
> configured -- resuming normal operations
> [Wed Dec 01 09:51:
52 2010]
> [error] (20014)Error string not specified yet: proxy: pass
request
> body
> failed to 10.10.10.10:8080 (10.10.10.10)
> [Wed Dec
01 09:51:52 2010]
> [error] (20014)Error string not specified yet:
proxy: pass request
> body
> failed to 10.10.10.10:8080 (10.10.10.10)
from 10.10.13.11 ()
>
> Any Ideas
> ?
> Than'k
> Giovanni
So long,
i
--
Igor GaliÄ
Tel: +43 (0) 664 886 22 883
Mail: i.galic@brainsware.
org
URL: http://brainsware.org/
Supera i limiti: raddoppia la velocità da 10 a 20 Mega! Risparmia con Tutto Incluso: telefono + adsl 20 mega a soli 29,95 â al mese per due anni! SCONTO DI 240 EURO! http://abbonati.tiscali.it/telefono-adsl/prodotti/tc/tuttoincluso/?WT.mc_id=01fw
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|