You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Florian Lindner <ma...@xgm.de> on 2005/05/22 12:07:23 UTC

[users@httpd] Re: SSL-Proxy

Am Sonntag, 22. Mai 2005 10:19 schrieb Joost de Heer:
> > <VirtualHost *:443>
> >         ServerName centershock.net
> >
> >         SSLEngine On
> >         SSLCertificateFile /etc/apache2/conf/ssl/server.crt
> >         SSLCertificateKeyFile /etc/apache2/conf/ssl/server.key
> >
> >         <Proxy *>
> >                 Order deny,allow
> >                 Allow from all
> >         </Proxy>
> >
> >         ProxyPass /ssl/xgm.de http://xgm.de
> >         ProxyPassReverse /ssl/xgm.de http://xgm.de
> > </VirtualHost>
> >
> > So the URL https://centershock.net/ssl/xgm.de/ should be the same like
> > http://xgm.de only over SSL.
> >
> > But this seem to be not correct. I get a 403 error (not allowed)
>
> <Proxy> doesn't need to be used for Reverse Proxies. You should remove it.

I have

         <Proxy *>
                 Order deny,allow
                 Allow from all
         </Proxy>

removed


> Does http://xgm.de work? I guess you've added a 'deny to all' to it to
> avoid people reaching it directly. But this also forbids the reverse proxy
> to reach it. Allow the IP address of the reverse proxy to reach that
> vhost.

http://xgm.de ist public available. (go ahead and check it out). The xgm.de 
ist pointing on the same machine and the vhost is running on the same 
machine.

Thanks,

Florian

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org