Apache reverse proxy configuration issue

Question

i have a problem with setting up an apache reverse proxy server and hope you can help.

I have 3 ubuntu web servers, available on https://service1.domain.com , https://service2.domain.com:4433 and so on... Now, i will access these servers without typing the port in the addressbar.

So my idea is to use an reverse proxy server, that i can type in service2.domain.com and it redirects to service2 (https).

I installed an ubuntu server with apache and enabled the modules:

sudo a2enmod proxy
sudo a2enmod proxy_http
sudo a2enmod proxy_balancer
sudo a2enmod lbmethod_byrequests

Then i set up the 000-default.conf on the proxy with the following content:

<VirtualHost service1.domain.com:80>
    ProxyPreserveHost On

    ProxyPass / https://service1.domain.com/
    ProxyPassReverse / https://service1.domain.com/
</VirtualHost>

<VirtualHost service2.domain.com:80>
    ProxyPreserveHost On

    ProxyPass / https://service2.domain.com/
    ProxyPassReverse / https://service2.domain.com/
</VirtualHost>

The ports 80 and 443 on the router are forwarded to the proxy server. On the service(1-3) servers, SSL is enabled with certificates from Lets Encrypt.

Now, if i try to open site service1.domain.com, i get an error (cert_name). The sites now should not be accessible directly, because there is no port forwarding anymore.

My question is now, how is the right config for reverse proxies? Do i need to enable a certificate for each service also on the proxy server?

Thank you for your help!

Answer 1

Not exactly sure what your end goal is. The certificate is for the client facing server. If you want people to hit the site without having to set the port, you can use the Redirect statement in the virtual host config.

<VirtualHost *:80>

    ServerName example.com
    ServerAlias www.example.com
    Redirect permanent / https://www.example.com

</VirtualHost>

Which would forward any non ssl traffic to use the ssl virtual host.