httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sebastian Reitenbach" <itlistu...@rapideye.de>
Subject [users@httpd] mod_proxy and SSL
Date Wed, 17 May 2006 15:23:46 GMT
Hi,

I have an apache listening for SSL connections on port 443 behind a NAT 
firewall in the DMZ. Connections for one virtual host shall be reverse proxied 
to another host in the same DMZ, but it seems that I am unable to get it to 
work, for me it seems I must have missed sth. obvious.

I tried this with mod_proxy:

SSLProxyEngine On
ProxyRequests On
AllowCONNECT 443
ProxyPass / https://10.0.0.2/
ProxyPassReverse / https://10.0.0.2/

then I receive the following error messages at the proxy:
[Wed May 17 17:07:18 2006] [error] SSL Proxy requested for 
webgis.rapideye.de:80 but not enabled [Hint: SSLProxyEngine]
[Wed May 17 17:07:18 2006] [error] proxy: failed to enable ssl support for 
10.0.0.2:443 (0.0.0.2)
[Wed May 17 17:07:19 2006] [notice] child pid 28242 exit signal Segmentation 
fault (11)

because of the segmentation fault, I am not sure, whether it shall work that 
way or not, but I doubt it.

with the SSLProxyEngine enabled:
SSLProxyEngine On
ProxyRequests On
AllowCONNECT 443
ProxyPass / https://10.0.0.2/
ProxyPassReverse / https://10.0.0.2/

I have this message in the error_log of the proxy:
[Wed May 17 17:09:55 2006] [error] (20014)Error string not specified yet: 
proxy: request failed to 10.10.10.2:443 (10.0.0.2)
[Wed May 17 17:09:55 2006] [error] proxy: HTTP: previous connection is closed
[Wed May 17 17:09:55 2006] [error] (20014)Error string not specified yet: 
proxy: request failed to 10.0.0.2:443 (10.0.0.2)

and this in the error_log of the apache behind the proxy:
[Wed May 17 19:07:17 2006] [error] [client 10.0.0.3] Invalid method in request 
\x80|\x01\x03\x01
[Wed May 17 19:07:17 2006] [error] [client 10.0.0.3] Invalid method in request 
\x80|\x01\x03\x01


with only these in the virtual host of the proxy, it is working, but only 
without HTTPS

ProxyPass / http://10.0.0.2/
ProxyPassReverse / http://10.0.0.2/

Is there any way to access an HTTPS server behind a apache HTTPS proxy?

kind regards
Sebastian

-- 
Sebastian Reitenbach            Tel.: ++49-(0)3381-8904-451
RapidEye AG                     Fax: ++49-(0)3381-8904-101    
Molkenmarkt 30                  e-mail:reitenbach@rapideye.de     
D-14776 Brandenburg             web:http://www.rapideye.de 


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message