You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Matthew Javelet <ma...@gmail.com> on 2015/07/17 01:34:06 UTC
[users@httpd] Proxy Issues
Hello Everyone,
I'm having a bit of a struggle figuring out how to apply my _solution_ for
this current issue I'm facing.
I have server A & server B that both need to reach an external service,
server Z.
Server B has access while A does not, so we are wanting to make a proxy to
mediate the requests from B -> Z for A.
I thought the curl command from Server A would be:
curl https://server-z.com --proxy http://server-b
But that gives the following error:
* Trying x.x.x.x...
* Connected to host.name (X.X.X.X) port 80 (#0)
* Establish HTTP proxy tunnel to server-z:443
> CONNECT server-z:443 HTTP/1.1
> Host: server-z:443
> User-Agent: curl/7.40.0
> Proxy-Connection: Keep-Alive
>
< HTTP/1.1 502 Proxy Error
< Date: Thu, 16 Jul 2015 22:40:16 GMT
< Server: Apache/2.4.12
< Content-Length: 383
< Content-Type: text/html; charset=iso-8859-1
<
* Received HTTP code 502 from proxy after CONNECT
* Closing connection 0
curl: (56) Received HTTP code 502 from proxy after CONNECT
For the current vhost configuration on server B(server-b.proxy), I am using:
ProxyPass / https://server-z
ProxyPassReverse / https://server-z
>From Server B, I can run:
curl http://server-b.proxy
Which works/mediates, but I'm pretty sure this is incorrect as when I try
it from Server A, timeout as per usual occurs. Also, the curl request is
made though a PHP wrapper which disables verification for the ssl
request(not sure if it matters or would be brought up).
>From what I understood I needed a reverse proxy since I wanted this on a
fixed url, but now I'm not so sure. Any clarity on what I'm doing wrong
would be much appreciated.
Thanks,
Matthew
Re: [users@httpd] Proxy Issues
Posted by Marat Khalili <mk...@rqc.ru>.
Hello Matthew,
You can use both forward proxy and reverse proxy configuration for your
problem. In reverse proxy configuration server B pretends to be server
Z, therefore the following command should be used from any server:
$ curl http://server-b.proxy
This is what you seem to have configured now. However, there might be
issues with URLs returned by server Z pointing to server-z.com, not to
server-b.proxy (and subsequent requests get lost).
The command you specified first (curl --proxy ...) is for normal
(forward) proxy, which is not your current configuration. Forward proxy
is preferable if you don't want to deal with incorrect URLs.
--
With Best Regards,
Marat Khalili
On 17/07/15 02:34, Matthew Javelet wrote:
> Hello Everyone,
>
> I'm having a bit of a struggle figuring out how to apply my _solution_
> for this current issue I'm facing.
>
> I have server A & server B that both need to reach an external
> service, server Z.
> Server B has access while A does not, so we are wanting to make a
> proxy to mediate the requests from B -> Z for A.
>
> I thought the curl command from Server A would be:
> curl https://server-z.com --proxy http://server-b
>
> But that gives the following error:
> * Trying x.x.x.x...
> * Connected to host.name <http://host.name> (X.X.X.X) port 80 (#0)
> * Establish HTTP proxy tunnel to server-z:443
> > CONNECT server-z:443 HTTP/1.1
> > Host: server-z:443
> > User-Agent: curl/7.40.0
> > Proxy-Connection: Keep-Alive
> >
> < HTTP/1.1 502 Proxy Error
> < Date: Thu, 16 Jul 2015 22:40:16 GMT
> < Server: Apache/2.4.12
> < Content-Length: 383
> < Content-Type: text/html; charset=iso-8859-1
> <
> * Received HTTP code 502 from proxy after CONNECT
> * Closing connection 0
> curl: (56) Received HTTP code 502 from proxy after CONNECT
>
> For the current vhost configuration on server B(server-b.proxy), I am
> using:
> ProxyPass / https://server-z
> ProxyPassReverse / https://server-z
>
> From Server B, I can run:
> curl http://server-b.proxy
>
> Which works/mediates, but I'm pretty sure this is incorrect as when I
> try it from Server A, timeout as per usual occurs. Also, the curl
> request is made though a PHP wrapper which disables verification for
> the ssl request(not sure if it matters or would be brought up).
>
> From what I understood I needed a reverse proxy since I wanted this on
> a fixed url, but now I'm not so sure. Any clarity on what I'm doing
> wrong would be much appreciated.
>
> Thanks,
> Matthew
>
>