Awesome, I think that is working. I'll have my users poke at it to be sure. Thanks! On Mar 18, 2011, at 7:51 AM, Tom Evans wrote: > On Fri, Mar 18, 2011 at 2:40 PM, Alex Duckers <alex.duckers@xxxxxxxxx> wrote: >> Hi All - I imagine this is fairly common, but I've had trouble making it work. >> I'm on RHEL 5.4, with Apache/2.2.3. >> >> I've got two sites to deal with, sitea.company.com and siteb.company.com. >> I've set up DNS for each of these to resolve the same ip address. >> I have an Apache server listening on that IP address. >> >> I'd like that apache server to do the following: >> * take requests for HTTPS://sitea.company.com, terminate SSL, and proxy the HTTP to an internal server called sitea.internal.net. >> * take requests for HTTPS://siteb.company.com, terminate SSL, and proxy the HTTP to an internal server called siteb.internal.net. >> >> Both names can use the same SSL certificate; I'll probably get a wildcard cert for this. >> >> I was able to make it work for a single site with a very basic config, adding ProxyPass and ProxyPass reverse to the httpd.conf file. But this sends everything to that single host. When I try to break it out with virtualhosts, it either isn't terminating SSL properly, or doesn't PROXY properly. >> >> I'm sure I'm missing something pretty simple. Anyone have a recipe for this? >> >> Thanks >> >> > > NameVirtualHost *:443 > <VirtualHost *:443> > ServerName a.company.com > SSLEngine On > SSLCertificateFile /path/to/star.company.com/apache.crt > SSLCertificateKeyFile /path/to/star.company.com/apache.key > SSLCACertificateFile /path/to/star.company.com/ca.crt > ProxyPass / http://a.company.com/ > ProxyPassReverse / http://a.company.com/ > </VirtualHost> > > <VirtualHost *:443> > ServerName b.company.com > SSLEngine On > SSLCertificateFile /path/to/star.company.com/apache.crt > SSLCertificateKeyFile /path/to/star.company.com/apache.key > SSLCACertificateFile /path/to/star.company.com/ca.crt > ProxyPass / http://b.company.com/ > ProxyPassReverse / http://b.company.com/ > </VirtualHost> > > Cheers > > Tom > > --------------------------------------------------------------------- > The official User-To-User support forum of the Apache HTTP Server Project. > See <URL:http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx > " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx > --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|