stackoom
  简体   繁体   中英

Apache proxypass https to https

 原文  2015-08-28 04:58:40       apache/ ssl/ https/ proxy

Question

here is what I tired to do:

  1. browser -internet-> https(Apache proxypass)-intranet->(Apache https)
  2. both Apaches are installed the ssl certs.(startssl wide card,not self-signed)

Apache error log:

[client 192.168.2.157] SSL Proxy requested for test.xxx.com:443 but not enabled [Hint: SSLProxyEngine]

[error] proxy: HTTPS: failed to enable ssl support for 192.168.2.157:443 (test.xxx.com)

Then I tried use apache(on the internet) proxy to https://google.com and the error log is the same.

However,https to http works. browser -internet-> https(Apache proxypass)-intranet->(Apache http)

My config: 

<VirtualHost  *:443>
    SSLEngine on
    SSLCertificateFile /etc/apache2/ssl/xxx_com.crt
    SSLCertificateKeyFile /etc/apache2/ssl/xxx_com.key
    SSLCertificateChainFile /etc/apache2/ssl/sub.class2.server.ca.pem
    ProxyPreserveHost On
    ProxyRequests Off
    ProxyVia Off
    AllowEncodedSlashes NoDecode
    <Proxy *>
    Order deny,allow
    Allow from all
    </Proxy>
    ProxyPass  /       https://2w.xxx.com/
    ProxyPassReverse   /       https://2w.xxx.com/
    ServerName test.xxx.com
    RequestHeader set X-Forwarded-Proto "https"
    RequestHeader set X-Forwarded-Port "443"
    ErrorLog "/var/log/apache2/error-ssl.log"
</VirtualHost>

OR: 

<VirtualHost  *:443>
    ProxyPass  /       https://google.com/
    ProxyPassReverse   /       https://google.com/
    SSLEngine on
    SSLCertificateFile /etc/apache2/ssl/xxx_com.crt
    SSLCertificateKeyFile /etc/apache2/ssl/xxx_com.key
    SSLCertificateChainFile /etc/apache2/ssl/sub.class2.server.ca.pem
    ServerName test.xxx.com
</VirtualHost>

Seems like it's not possible for apache to handle https to https? if apache does not support this how about nginx?

1 answers

solution1
 7  2017-06-23 07:14:13

You should set "SSLProxyEngine On". The following is my example that may give you any idea. 

<VirtualHost *:443>
    SSLEngine On
    SSLProxyEngine On
    ServerName my.example.com:443
    SSLCertificateFile "${SRVROOT}/conf/ssl/example.pem"
    SSLCertificateKeyFile "${SRVROOT}/conf/ssl/example.key"
    ErrorLog "|bin/rotatelogs.exe -l /var/logs/apache/example/error.%Y-%m-%d.log 86400"
    CustomLog "|bin/rotatelogs.exe -l /var/logs/apache/example/ssl_request.%Y-%m-%d.log 86400" \
        "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

    ProxyRequests Off
    ProxyPass / https://www.google.com/
    <Location />
        ProxyPassReverse /

        Options FollowSymLinks
        Require all granted
    </Location>   
</VirtualHost>

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question ProxyPass apache https to a node server Apache ProxyPass HTTPS and remote server with SNI ProxyPass for https not working Apache Virtual Host proxypass not working for root url in HTTPS ProxyPass custom port Redirect to https Redirect a HTTP page to HTTPS with ProxyPass to Tomcat server apache redirect HTTPS to canonical HTTPS HTTPS on Apache; Will it slow Apache? Redirect to https if url point to another webserver by means of proxypass Changing Wordpress http to https behind a Load Balancer with ProxyPass
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM