httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alex Duckers <alex.duck...@gmail.com>
Subject Re: [users@httpd] single SSL proxy to multiple non-SSL name-based hosts
Date Fri, 18 Mar 2011 15:28:08 GMT
Awesome, I think that is working.  I'll have my users poke at it to be sure.

Thanks!

On Mar 18, 2011, at 7:51 AM, Tom Evans wrote:

> On Fri, Mar 18, 2011 at 2:40 PM, Alex Duckers <alex.duckers@gmail.com> wrote:
>> Hi All - I imagine this is fairly common, but I've had trouble making it work.
>> I'm on RHEL 5.4, with Apache/2.2.3.
>> 
>> I've got two sites to deal with, sitea.company.com and siteb.company.com.
>> I've set up DNS for each of these to resolve the same ip address.
>> I have an Apache server listening on that IP address.
>> 
>> I'd like that apache server to do the following:
>>        * take requests for HTTPS://sitea.company.com, terminate SSL, and proxy the
HTTP to an internal server called sitea.internal.net.
>>        * take requests for HTTPS://siteb.company.com, terminate SSL, and proxy the
HTTP to an internal server called siteb.internal.net.
>> 
>> Both names can use the same SSL certificate; I'll probably get a wildcard cert for
this.
>> 
>> I was able to make it work for a single site with a very basic config, adding ProxyPass
and ProxyPass reverse to the httpd.conf file.  But this sends everything to that single host.
 When I try to break it out with virtualhosts, it either isn't terminating SSL properly, or
doesn't PROXY properly.
>> 
>> I'm sure I'm missing something pretty simple.  Anyone have a recipe for this?
>> 
>> Thanks
>> 
>> 
> 
> NameVirtualHost *:443
> <VirtualHost *:443>
>  ServerName a.company.com
>  SSLEngine On
>  SSLCertificateFile /path/to/star.company.com/apache.crt
>  SSLCertificateKeyFile /path/to/star.company.com/apache.key
>  SSLCACertificateFile /path/to/star.company.com/ca.crt
>  ProxyPass / http://a.company.com/
>  ProxyPassReverse / http://a.company.com/
> </VirtualHost>
> 
> <VirtualHost *:443>
>  ServerName b.company.com
>  SSLEngine On
>  SSLCertificateFile /path/to/star.company.com/apache.crt
>  SSLCertificateKeyFile /path/to/star.company.com/apache.key
>  SSLCACertificateFile /path/to/star.company.com/ca.crt
>  ProxyPass / http://b.company.com/
>  ProxyPassReverse / http://b.company.com/
> </VirtualHost>
> 
> Cheers
> 
> Tom
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
> 


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message