httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rajesh Cherukuri <rajec...@gmail.com>
Subject [users@httpd] Apache Proxy https
Date Tue, 13 Mar 2018 18:35:31 GMT
Hi
can some one help me on this , i am trying to configure Apache as forward
proxy so that  client can connect to the HTTPS url , below is my
configuration , i get 403 when connecting to HTTPS urls , i can  connect
to  http url without any issues if i update below vhost with* <Proxy
"http://example.com <http://example.com>"> *my apache version is 2.4

*Vhost  configuration*

Listen xxx.xx.xxx.x:8082

<VirtualHost  xxx.xx.xxx.x:8082>
ServerName      testnew1.com
 ProxyRequests On
ProxyVia On
SSLProxyEngine On






*<Proxy "*"> Require all denied </Proxy> <Proxy "https://example.com
<https://example.com>"> ProxySet connectiontimeout=5 timeout=30 Require all
granted </Proxy> *
</VirtualHost>






error log

[Tue Mar 13 14:33:10.305463 2018] [ssl:debug] [pid 28530]
ssl_engine_pphrase.c(181): AH02199: SSL not enabled on vhost testnew1.com:80,
skipping SSL setup
[Tue Mar 13 14:33:10.437213 2018] [ssl:debug] [pid 28530]
ssl_engine_pphrase.c(181): AH02199: SSL not enabled on vhost testnew1.com:80,
skipping SSL setup
[Tue Mar 13 14:33:10.479295 2018] [proxy:debug] [pid 28536]
proxy_util.c(1843): AH00925: initializing worker https://example.com shared
[Tue Mar 13 14:33:10.479327 2018] [proxy:debug] [pid 28536]
proxy_util.c(1885): AH00927: initializing worker https://example.com local
[Tue Mar 13 14:33:10.479394 2018] [proxy:debug] [pid 28536]
proxy_util.c(1936): AH00931: initialized single connection worker in child
28536 for (example.com)
[Tue Mar 13 14:33:10.479428 2018] [proxy:debug] [pid 28536]
proxy_util.c(1843): AH00925: initializing worker proxy:forward shared
[Tue Mar 13 14:33:10.479438 2018] [proxy:debug] [pid 28536]
proxy_util.c(1885): AH00927: initializing worker proxy:forward local
[Tue Mar 13 14:33:10.479477 2018] [proxy:debug] [pid 28536]
proxy_util.c(1936): AH00931: initialized single connection worker in child
28536 for (*)
[Tue Mar 13 14:33:10.493164 2018] [proxy:debug] [pid 28537]
proxy_util.c(1843): AH00925: initializing worker https://example.com shared
[Tue Mar 13 14:33:10.493195 2018] [proxy:debug] [pid 28537]
proxy_util.c(1885): AH00927: initializing worker https://example.com local
[Tue Mar 13 14:33:10.493263 2018] [proxy:debug] [pid 28537]
proxy_util.c(1936): AH00931: initialized single connection worker in child
28537 for (example.com)
[Tue Mar 13 14:33:10.493298 2018] [proxy:debug] [pid 28537]
proxy_util.c(1843): AH00925: initializing worker proxy:forward shared
[Tue Mar 13 14:33:10.493309 2018] [proxy:debug] [pid 28537]
proxy_util.c(1885): AH00927: initializing worker proxy:forward local
[Tue Mar 13 14:33:10.493351 2018] [proxy:debug] [pid 28537]
proxy_util.c(1936): AH00931: initialized single connection worker in child
28537 for (*)
[Tue Mar 13 14:33:10.496458 2018] [proxy:debug] [pid 28538]
proxy_util.c(1843): AH00925: initializing worker https://example.com shared
[Tue Mar 13 14:33:10.496488 2018] [proxy:debug] [pid 28538]
proxy_util.c(1885): AH00927: initializing worker https://example.com local
[Tue Mar 13 14:33:10.496556 2018] [proxy:debug] [pid 28538]
proxy_util.c(1936): AH00931: initialized single connection worker in child
28538 for (example.com)
[Tue Mar 13 14:33:10.496590 2018] [proxy:debug] [pid 28538]
proxy_util.c(1843): AH00925: initializing worker proxy:forward shared
[Tue Mar 13 14:33:10.496601 2018] [proxy:debug] [pid 28538]
proxy_util.c(1885): AH00927: initializing worker proxy:forward local
[Tue Mar 13 14:33:10.496643 2018] [proxy:debug] [pid 28538]
proxy_util.c(1936): AH00931: initialized single connection worker in child
28538 for (*)
[Tue Mar 13 14:33:10.500193 2018] [proxy:debug] [pid 28539]
proxy_util.c(1843): AH00925: initializing worker https://example.com shared
[Tue Mar 13 14:33:10.500226 2018] [proxy:debug] [pid 28539]
proxy_util.c(1885): AH00927: initializing worker https://example.com local
[Tue Mar 13 14:33:10.500296 2018] [proxy:debug] [pid 28539]
proxy_util.c(1936): AH00931: initialized single connection worker in child
28539 for (example.com)
[Tue Mar 13 14:33:10.500333 2018] [proxy:debug] [pid 28539]
proxy_util.c(1843): AH00925: initializing worker proxy:forward shared
[Tue Mar 13 14:33:10.500344 2018] [proxy:debug] [pid 28539]
proxy_util.c(1885): AH00927: initializing worker proxy:forward local
[Tue Mar 13 14:33:10.500400 2018] [proxy:debug] [pid 28539]
proxy_util.c(1936): AH00931: initialized single connection worker in child
28539 for (*)
[Tue Mar 13 14:33:10.504005 2018] [proxy:debug] [pid 28535]
proxy_util.c(1843): AH00925: initializing worker https://example.com shared
[Tue Mar 13 14:33:10.504035 2018] [proxy:debug] [pid 28535]
proxy_util.c(1885): AH00927: initializing worker https://example.com local
[Tue Mar 13 14:33:10.504105 2018] [proxy:debug] [pid 28535]
proxy_util.c(1936): AH00931: initialized single connection worker in child
28535 for (example.com)
[Tue Mar 13 14:33:10.504141 2018] [proxy:debug] [pid 28535]
proxy_util.c(1843): AH00925: initializing worker proxy:forward shared
[Tue Mar 13 14:33:10.504152 2018] [proxy:debug] [pid 28535]
proxy_util.c(1885): AH00927: initializing worker proxy:forward local
[Tue Mar 13 14:33:10.504191 2018] [proxy:debug] [pid 28535]
proxy_util.c(1936): AH00931: initialized single connection worker in child
28535 for (*)
[Tue Mar 13 14:33:24.883644 2018] [core:debug] [pid 28536] vhost.c(1170):
[client 172.16.135.4:57782] AH02417: Replacing host header 'example.com:443'
with host 'example.com:443' given in the request uri
[Tue Mar 13 14:33:24.884073 2018] [authz_core:debug] [pid 28536]
mod_authz_core.c(809): [client 172.16.135.4:57782] AH01626: authorization
result of Require all denied: denied
[Tue Mar 13 14:33:24.884090 2018] [authz_core:debug] [pid 28536]
mod_authz_core.c(809): [client 172.16.135.4:57782] AH01626: authorization
result of <RequireAny>: denied
[Tue Mar 13 14:33:24.884099 2018] [authz_core:error] [pid 28536] [client
172.16.135.4:57782] AH01630: client denied by server configuration: proxy:
example.com:443
(END)




*curl test *
 * About to connect() to proxy xxx.xx.xxx.x port 8082 (#0)
*   Trying xxx.xx.xxx.x..
* Connected to xxx.xx.xxx.x (xxx.xx.xxx.x) port 8082 (#0)
* Establish HTTP proxy tunnel to example.com:443
> CONNECT example.com:443 HTTP/1.1
> Host: example.com:443
> User-Agent: curl/7.29.0
> Proxy-Connection: Keep-Alive
>
< HTTP/1.1 403 Forbidden
HTTP/1.1 403 Forbidden
< Date: Tue, 13 Mar 2018 14:51:50 GMT
Date: Tue, 13 Mar 2018 14:51:50 GMT
< Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
< Content-Length: 216
Content-Length: 216
< Content-Type: text/html; charset=iso-8859-1
Content-Type: text/html; charset=iso-8859-1
<

* Received HTTP code 403 from proxy after CONNECT
* Connection #0 to host xxx.xx.xxx.x left intact
curl: (56) Received HTTP code 403 from proxy after CONNECT

Mime
View raw message