Mailing-List: contact users-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: users@httpd.apache.org
content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Date: Wed, 7 Jan 2004 09:14:17 +0100
Message-ID: 
 <FAB6A3A2CC5BDB448DADFA1C8C0752965F73EF@SOMEXEVS001.ex.ordersx.org>
Priority: normal
Importance: normal
Thread-Topic: [users@httpd] Reverse Proxy HTTP and HTTPS without VHosts
Thread-Index: AcPUhhhzY4qjEnvaSzWdkOVamrNRHAAbvzgQ
From: "Boyle Owen" <Owen.Boyle@swx.com>
To: <users@httpd.apache.org>
Subject: RE: [users@httpd] Reverse Proxy HTTP and HTTPS without VHosts

If I understand correctly;

- port 80 is blocked
- port 443 is open
- if you can have one plain HTTP server, you're happy

=3D> run HTTP on port 443 (nobody forces you to use HTTPS on port 443).

If you still need SSL as well, then you're stuck - as Joshua points out,
you can't run HTTP and HTTPS on the same socket any more than you can
run DNS and SMTP on the same socket.

I have to say that your ISP environment sounds very limited for a
web-based business. Frankly, it's inadequate... Who made the deal with
ISP? Nobody who knows anything about the web, for sure...

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored.=20


> -----Original Message-----
> From: James Hurne [mailto:hurne_jim@yahoo.com]
> Sent: Dienstag, 6. Januar 2004 19:51
> To: users@httpd.apache.org
> Subject: [users@httpd] Reverse Proxy HTTP and HTTPS without VHosts
>=20
>=20
> Hello,
>=20
> Is it possible to configure Apache 1.X to accept both
> SSL and non-SSL connections without the use of Virtual
> Hosts in the context of using Apache as a Reverse
> Proxy Server?
>=20
> If Apache cannot do the above, does anyone know of
> another application that can?  Something like Squid?
>=20
> Here's why I want to do something so bizarre (you can
> just answer the question if you don't want to read the
> why):
>=20
> I work for a small consulting company, and we just
> recently moved into a new office, and have settled in
> with a new ISP.  Unfortunately, our ISP options were
> very limited, and we forced to choose ISP which blocks
> incoming port 80 traffic, and also gives us only one
> public IP address to work with.
>=20
> We have one Apache Server setup to serve as a Reverse
> Proxy using the mod_proxy module.  It is also setup to
> use SSL and port 443, thus getting around our blocked
> port 80 problem.  Although, this solution causes
> another problem.
>=20
> We use Lotus Sametime, which is a web-based meeting
> application to provide real-time support for many of
> our clients.  Sametime uses a signed Java applet to
> connect to our server with it's own TCP/IP protocol,
> but many of our clients have firewalls blocking the
> ports that it uses.  Luckily, Sametime supports HTTP
> tunneling, providing connectivity through port 80,
> however it does not support tunneling over HTTPS.
>=20
> So, what I want is to have Apache listen for both HTTP
> and HTTPS connections, and handle the HTTPS
> connections for our web applications, and the
> non-HTTPS connections for Sametime to allow it to
> tunnel over HTTP on port 443.
>=20
> Since we only have one IP, IP-based Virtual Hosts are
> out, and since we are using SSL, name-based Virtual
> Hosts are also out, thus leaving me in my current
> dilemma.
>=20
> Thanks for your help.
>=20
> __________________________________
> Do you Yahoo!?
> Yahoo! Hotjobs: Enter the "Signing Bonus" Sweepstakes
> http://hotjobs.sweepstakes.yahoo.com/signingbonus
>=20
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP=20
> Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>=20
>=20
Diese E-mail ist eine private und pers=F6nliche Kommunikation. Sie hat
keinen Bezug zur B=F6rsen- bzw. Gesch=E4ftst=E4tigkeit der SWX Gruppe. =
This
e-mail is of a private and personal nature. It is not related to the
exchange or business activities of the SWX Group. Le pr=E9sent e-mail =
est
un message priv=E9 et personnel, sans rapport avec l'activit=E9 =
boursi=E8re du
Groupe SWX.

This message is for the named person's use only. It may contain
confidential, proprietary or legally privileged information. No
confidentiality or privilege is waived or lost by any mistransmission.
If you receive this message in error, please notify the sender urgently
and then immediately delete the message and any copies of it from your
system. Please also immediately destroy any hardcopies of the message.
You must not, directly or indirectly, use, disclose, distribute, print,
or copy any part of this message if you are not the intended recipient.
The sender's company reserves the right to monitor all e-mail
communications through their networks. Any views expressed in this
message are those of the individual sender, except where the message
states otherwise and the sender is authorised to state them to be the
views of the sender's company.=20


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org