httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Boyle Owen" <Owen.Bo...@six-group.com>
Subject RE: [users@httpd] Issue with SSL configuration.
Date Thu, 30 Oct 2008 11:27:19 GMT
I think you're not getting responses because your question is a bit
muddled...

By ".. able to use the SSL at the apache level .. " I am assuming that
https://server/filepath returns the file at <DocumentRoot>/filepath -
i.e. you can get local content via HTTPS. Is this so?

If so, all you need to do now is proxy this VH to the back-end server
(i.e. the weblogic thingy). For this you need Proxy directives,e.g.

ProxyPass / http://back-end-server/

then a request for https://server/filepath will cause apache to fetch
http://back-end-server/filepath and return it, via HTTPS, to the client.

I don't quite understand why you have paths like /OPSWeb/neo... That
makes it look like apache is fetching the back-end content via the
filesystem (e.g. shared disks). If so, that's not right - a proxy is
simply a way of forwarding HTTP requests so that all data are
transferred by HTTP. No need for the servers to see each other's files.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

 


________________________________

	From: Vasanth Kumar ravi [mailto:josvasanth@gmail.com] 
	Sent: Thursday, October 30, 2008 6:30 AM
	To: users@httpd.apache.org
	Subject: Re: [users@httpd] Issue with SSL configuration.
	
	
	All,
	Can someone throw light on this issue.
	
	Thanks.
	
	
	On Wed, Oct 29, 2008 at 4:28 PM, Vasanth Kumar ravi
<josvasanth@gmail.com> wrote:
	

		Thanks folks..
		After posting this in the forum , I did an extensive
research on the internet and it was resolved.
		Major problem was due to the Virtual host
configuration..Now i am able to use the SSL at the apache level.
		
		wildcard NameVirtualHosts and _default_ servers:
		*:443                  is a NameVirtualHost
		         default server gelxd002.sony.com.sg
(/home/apache/conf/httpd.conf:362)
		         port 443 namevhost gelxd002.sony.com.sg
(/home/apache/conf/httpd.conf:362)
		         port 443 namevhost gelxd002.sony.com.sg
(/home/apache/conf/httpd.conf:376)
		*:80                   is a NameVirtualHost
		         default server gelxd002.sony.com.sg
(/home/apache/conf/httpd.conf:332)
		         port 80 namevhost gelxd002.sony.com.sg
(/home/apache/conf/httpd.conf:332)
		         port 80 namevhost gelxd002.sony.com.sg
(/home/apache/conf/httpd.conf:343)
		
		I need your help in some configuration ideas.
		I m trying to setup something like the below.
		Client <---SSL---> Apache <---HTTP---> WebLogic
		
		I request http://<hostname>/OPSWeb/neo from the browser
and it goes to the login page and I am able to perform all the
functions.
		When I request https://<hostname>/OPSWeb/neo , it doesnt
give a login page, but it gives a pop-up in IE "Access is Denied. Type
Error"
		As stated earlier, I need to have HTTPS between the
browser and the web server and HTTP between the Apache and Weblogic.
		Also there is no SSL enabled at the Weblogic level.
		
		Do we have to write some ProxyReverse Parameters/Rewrite
rules.
		Let me know if you need any further details.
		
		Please advise. 




		On Tue, Oct 28, 2008 at 10:35 PM, Krist van Besien
<krist.vanbesien@gmail.com> wrote:
		

			On Tue, Oct 28, 2008 at 3:36 AM, Vasanth Kumar
ravi
			<josvasanth@gmail.com> wrote:
			
			> SSLCertificateFile
/usr/share/ssl/certs/server.crt/
			> SSLCertificateKeyFile
/usr/share/ssl/certs/server.key/
			
			
			The argument to SSLCertifacateFile and
SSLCertificateKeyFile is a
			_file_, not a directory. Just enter the full
path to your cert and
			private key here.
			

			> I had copied the certs to the openssl certs
directory and created hashlinks
			> for them.
			
			
			Creating hashkeys is not necessary. Apache knows
where to find its
			cert if you give  SSLCertificateFile the correct
value.
			
			Krist
			
			--
			krist.vanbesien@gmail.com
			krist@vanbesien.org
			Bremgarten b. Bern, Switzerland
			--
			A: It reverses the normal flow of conversation.
			Q: What's wrong with top-posting?
			A: Top-posting.
			Q: What's the biggest scourge on plain text
email discussions?
			

	
---------------------------------------------------------------------
			The official User-To-User support forum of the
Apache HTTP Server Project.
			See <URL:http://httpd.apache.org/userslist.html>
for more info.
			To unsubscribe, e-mail:
users-unsubscribe@httpd.apache.org
			  "   from the digest:
users-digest-unsubscribe@httpd.apache.org
			For additional commands, e-mail:
users-help@httpd.apache.org
			
			




		-- 
		Regards&Thanks,
		Vasanth Kumar Ravi
		




	-- 
	Regards&Thanks,
	Vasanth Kumar Ravi
	


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message