httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Boyle Owen" <Owen.Bo...@swx.com>
Subject RE: [users@httpd] Ssl proxy tunnel
Date Mon, 10 Feb 2003 08:46:04 GMT
>-----Original Message-----
>From: Federico Mennite [mailto:federico.mennite@lifeware.ch]
>
>I'have set up an ssl proxy tunnel to some backend http servers.
>
>HostnameLookups Off
>
>Listen 192.168.1.1:443
><VirtualHost 192.168.1.1:443>
>   ServerName some.host.com
>   SSLEngine On
>   SSLCertificateFile    /opt/apache/conf/ssl.crt/my.crt
>   SSLCertificateKeyFile /opt/apache/conf/ssl.key/my.key
>   ProxyPass        / http://192.168.2.1:80/
>   ProxyPassReverse / http://192.168.2.1:80/
></VirtualHost>
>
>
>It looks like that mod_proxy performs a reverse lookup for 192.168.2.1 
>just before forwarding each http request to the internal server.

Do you use mod_access (Allow, Deny, Order) at the same level ad
HostNameLookups? If so, it overrides the HNL setting (mod_access needs
to lookup). Try putting the HNL inside the VH and read carefully the
docs for HNL.

Rgds,

Owen Boyle


>
>As a workaround I added the internal host ip number to /etc/hosts.
>
>Can this be prevented with some configuration parameter I'm hopefully 
>missing? :)
>
>Regards.
>
>--
>Federico Mennite.
>Lifeware AG
>
>
>
>---------------------------------------------------------------------
>The official User-To-User support forum of the Apache HTTP 
>Server Project.
>See <URL:http://httpd.apache.org/userslist.html> for more info.
>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
>For additional commands, e-mail: users-help@httpd.apache.org
>
>

This message is for the named person's use only. It may contain
confidential, proprietary or legally privileged information. No
confidentiality or privilege is waived or lost by any mistransmission.
If you receive this message in error, please notify the sender urgently
and then immediately delete the message and any copies of it from your
system. Please also immediately destroy any hardcopies of the message.
You must not, directly or indirectly, use, disclose, distribute, print,
or copy any part of this message if you are not the intended recipient.
The sender's company reserves the right to monitor all e-mail
communications through their networks. Any views expressed in this
message are those of the individual sender, except where the message
states otherwise and the sender is authorised to state them to be the
views of the sender's company. 

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message