You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Nick Kew <ni...@webthing.com> on 2004/12/29 19:14:40 UTC
[users@httpd] Re: https/SSL and ProxyRemote did not work when using a reverse
proxy (PLEASE HELP:)
Leif Hanack wrote:
> I'm trying to get the following szenario to work with Apache
> 2.0.51/OpenSSL 0.9.7d.
2.0.51 had some serious problems. Better not to use it - upgrade to .52
or, if that's not possible for any reason, go back to .50.
> Client --http--> Reverse Proxy --internal--> Forward Proxy
> (ProxyRemote) --https--> Webserver
Erk! Are you expecting that "internal" to run http or https?
> My logs :
>
> [Mon Dec 13 14:14:50 2004] [debug] ssl_engine_io.c(1517): OpenSSL: I/O
> error, 7 bytes expected to read on BIO#a55e90 [mem: a5b670]
> [Mon Dec 13 14:14:50 2004] [debug] ssl_engine_kernel.c(1793): OpenSSL:
> Exit: error in SSLv2/v3 read server hello A
> [Mon Dec 13 14:14:50 2004] [info] SSL Proxy connect failed
Is that from the reverse proxy? It seems to be trying to connect
with SSL.
> My config :
>
> <VirtualHost serverIP:80>
> ServerName intra-xy.com
> ServerAdmin mailadmin@example.com
> ProxyRequests Off
> ProxyRemote * http://proxyIP:3128
> SSLProxyEngine on
> ProxyPass / https://remoteServerIP/
> ProxyPassReverse / https://remoteServerIP/
> </VirtualHost>
That ProxyRemote appears to be asking for the internal connection to use
http, not https. If the log entries are from this server ... well,
I'm confused.
Is your "proxyIP:3128" in fact expecting http or https?
--
Nick Kew
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org