Return-Path: Delivered-To: apmail-httpd-users-archive@www.apache.org Received: (qmail 55029 invoked from network); 3 Aug 2010 21:35:55 -0000 Received: from unknown (HELO mail.apache.org) (140.211.11.3) by 140.211.11.9 with SMTP; 3 Aug 2010 21:35:55 -0000 Received: (qmail 87361 invoked by uid 500); 3 Aug 2010 21:35:52 -0000 Delivered-To: apmail-httpd-users-archive@httpd.apache.org Received: (qmail 87327 invoked by uid 500); 3 Aug 2010 21:35:52 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 87319 invoked by uid 99); 3 Aug 2010 21:35:52 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 03 Aug 2010 21:35:52 +0000 X-ASF-Spam-Status: No, hits=0.7 required=10.0 tests=SPF_NEUTRAL X-Spam-Check-By: apache.org Received-SPF: neutral (nike.apache.org: local policy) Received: from [109.74.192.183] (HELO vision.beta16.co.uk) (109.74.192.183) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 03 Aug 2010 21:35:44 +0000 Received: from localhost ([127.0.0.1] helo=vision.beta16.co.uk) by vision.beta16.co.uk with esmtp (Exim 4.69) (envelope-from ) id 1OgP8u-0001nq-6B for users@httpd.apache.org; Tue, 03 Aug 2010 22:35:24 +0100 Received: from 82.46.78.129 (SquirrelMail authenticated user richard) by vision.beta16.co.uk with HTTP; Tue, 3 Aug 2010 21:35:24 -0000 (GMT) Message-ID: <39bc99c9ca2d5b7a1e280499187b2e0f.squirrel@vision.beta16.co.uk> Date: Tue, 3 Aug 2010 21:35:24 -0000 (GMT) From: "Richard Bishop" To: users@httpd.apache.org User-Agent: SquirrelMail/1.4.15 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal X-Virus-Checked: Checked by ClamAV on apache.org Subject: [users@httpd] Help with CONNECT method rewriting Hi, I'm hoping you can help me with something that I've been struggling with for a couple of days. I'm using mod_proxy to forward proxy requests between one network and another. I'm attempting to combine this with mod_rewrite to rewrite CONNECT requests for certain (SSL) servers. Note that I'm only trying to rewrite the HTTP connect request, not the SSL data itself (which is encrypted and I have no access to). What I'm hoping to achieve is that "CONNECT server.example.org:443 HTTP/1.0" gets rewritten to "CONNECT server.example.com:443 HTTP/1.0" - an upstream proxy then gets the request "CONNECT server.example.com:443 HTTP/1.0". Having played around with mod_rewrite for several hours I'm having trouble getting it working. I've enabled RewriteLogLevel 9 and I'm seeing log entries that indicate things are working as I intend: rewrite 'proxy:example.org:443' -> 'proxy:example.com:443' Though the upstream proxy is still seeing "CONNECT server.example.org:443" rather than the rewritten version. The relevant parts of my httpd.conf file are: ---- LoadModule headers_module modules/mod_headers.so LoadModule rewrite_module modules/mod_rewrite.so LoadModule proxy_module modules/mod_proxy.so LoadModule proxy_connect_module modules/mod_proxy_connect.so LoadModule proxy_http_module modules/mod_proxy_http.so ProxyRequests On ProxyVia On AllowConnect 443 Order allow,deny Allow from all RewriteEngine On RewriteCond %{REQUEST_METHOD} ^CONNECT$ RewriteRule ^(.*)server\.example\.org(.*)$ $1server.example.com$2 ---- I've noted that mod_rewrite has a [P] flag that forces the request to be proxied to another server, though this doesn't appear to work with https (SSL) servers - or am I missing something? Any advice would be gratefully received. Many thanks Richard --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org " from the digest: users-digest-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org