You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by David CM Weber <da...@backbonesecurity.com> on 2004/07/30 18:08:23 UTC

[users@httpd] Apache HTTPD 2.0 as OWA Proxy

This has been tackled a few times before, but I haven't found good
answers for what I want.  I've really plugged away at this for the past
3-4 days, searching google, but no such luck.  Here it goes.

Vital Stats:

Exchange 2000 (aka: mail-internal)
Apache HTTPD 2.0 (aka. mail)
Fedora Core 2.0

I've got an Outlook Web Access (OWA) server on my Intranet, which I want
to make available to the Internet through apache's proxy.

I want end-to-end encryption for users, so that the emails are always
encased in SSL.  The current behavior, is that when you go to
http://mail/ or https://mail/ it brings up the DocumentRoot location,
which is great.

When you try to log in via going to https://mail/exchange/  it brings up
the appropriate information in asking for credentials, looks like a SSL
connection is made, but I just get the OWA frames.  No data from within
the frames.  I looked at the source, and the source is referencing
http://mail-internal/... which is not the behavior I want, because
mail-internal is not accessible from the Internet, only from the proxy.
A DNS record for the "real world" doesn't even exist for mail-internal,
as it only lives in the /etc/hosts file on the Linux box.

My config file is attached, and I would grealy appreciate any assistance
from those more knowledgable in httpd than I


<VirtualHost 1.2.3.4:443>
        # This secures the server from being used as a third party
        # proxy server
        ProxyRequests Off

        # Allows the proxying of a SSL connection
        SSLProxyEngine On
        ProxyVia On

        DocumentRoot /home/user/mail_proxy/html/
        RequestHeader set Front-End-Https "On"

        ServerName mail

        # Set up SSL to work with this host
        SSLEngine On
        SSLCertificateFile /home/user/mail_proxy/server.crt
        SSLCertificateKeyFile /home/user/mail_proxy/server.key

        SSLProxyMachineCertificateFile
/home/dweber/mail_proxy/certnew.cer

        ProxyPass /exchange/ https://mail-internal/exchange/
        ProxyPassReverse /exchange/ https://mail-internal/exchange/

        ProxyPass /exchweb/ https://mail-internal/exchweb/
        ProxyPassReverse /exchweb/ https://mail-internal/exchweb/

        ProxyPass /public/ https://mail-internal/public/
        ProxyPassReverse /public/ https://mail-internal/public/
</VirtualHost>

<VirtualHost 1.2.3.4:80>
        DocumentRoot /home/user/mail_proxy/html/
        ServerName mail
</VirtualHost>

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org