httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Brooks, Jim" <>
Subject [users@httpd] http to https proxy
Date Mon, 29 Nov 2004 22:38:51 GMT

I have an internal java application sending out web services requests to various external
servers through an apache proxy.  Currently the ssl encryption is being done on the app servers,
but we would like to shift that to our webservers that have ssl cards.

client (app) ...http... proxy ...https... server

I have seen references to ProxyPass or ReWrite that seem close to what I would like, but nothing
that seems to work just right.  Any help or pointers, or that one trick that makes it works
would be much appreciated.

Jim Brooks

I'm on Solaris 8 w/ apache 2.0.43.

ServerRoot "/opt/apache/apache2/web_04"
User nobody
Group nobody
ProxyRequests On

LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogLevel DEBUG
CustomLog logs/access_log common
ErrorLog logs/error_log

SSLProxyEngine on
SSLCryptoDevice cswift

AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl    .crl

SSLPassPhraseDialog  builtin

SSLSessionCache         dbm:logs/ssl_scache
SSLSessionCacheTimeout  300

SSLMutex  file:logs/ssl_mutex

SSLRandomSeed startup file:/dev/urandom 512
SSLRandomSeed connect file:/dev/urandom 512

RewriteEngine on
RewriteRule   ^http:\\ ^https:\\     [R]
RewriteLog logs/rewrite_log
RewriteLogLevel 1

SSLEngine on
SSLCipherSuite ALL
SSLCertificateFile /opt/apache/apache2/web_01/conf/ssl.crt/web11.crt
SSLCertificateKeyFile /opt/apache/apache2/web_01/conf/ssl.key/web11.key
SSLCACertificateFile /opt/apache/apache2/web_02/conf/ssl.crt/cbundle.crt


Jim Brooks,
Configuration Management

jim.brooks at
tele (925) 210-8204

BenefitPoint, Inc.  
1340 Treat Blvd
Walnut Creek, CA 94597
Customer Support 415.277.5700

This electronic transmission (and any attached document or file) is confidential and intended
for the sole use of the individual(s) to whom it is addressed. Any further distribution or
copying of this message is strictly prohibited. If you received this message in error, please
notify the sender, and destroy the message (and attached files), immediately. BenefitPoint
is not liable for any use or misuse contrary to these directions.

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message