httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tom Evans <tevans...@googlemail.com>
Subject Re: [users@httpd] SSL redirect ?
Date Thu, 04 Nov 2010 17:01:58 GMT
On Thu, Nov 4, 2010 at 10:56 AM, Brent Clark <brentgclarklist@gmail.com> wrote:
> Hiya
>
> I got an interesting request from a client and I was hoping to bounce this
> off you guys.
>
> ------------------------------------------------------------------------------------------------------------------------------------------------------------
> I need my linux server to accept incoming connections on port 8080 and
> forward them to an HTTPS address and do all communications.
>
> So, if a developer connects to, and uses
>
> https://abc.com/v4/transaction?wsdl
>
> it should redirect, communicate, and return data from
>
> https://trans.api.hidden.com/v4/transaction?wsdl
>
> Basically, I need to mask the trans.api.hidden.com and make all
> communications deal with abc.co.za.
>
> This is the same server.
>
> Personally I cant see this is possible, cause of the it been SSL. I would
> assume this activity as no different as a MITM attack.
> But googling, says I should look at mod_proxy. Is this possible?
>
> What do you guys think. If someone could help. It would be appreciated.
>
> Kind Regards
> Brent Clark
>

If your client connects to https://abc.com/ , then that is where SSL
will be terminated for the client. If you then proxy that connection
to https://trans.api.hidden.com/ , then that will be a separate SSL
connection between two apache servers, it will not carry any client
certificates that the client initially presented to https://abc.com .

wrt to your later question, apache is more than capable of proxying to
itself. I'm not sure you would need the overhead of an SSL connection
on a request that would never go on the wire.

Cheers

Tom

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message