You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Ken Hilliard <ke...@seqid.com> on 2003/01/10 21:02:42 UTC
[users@httpd] Apache proxy and SSL
I need to configure a web proxy that will map HTTPS to HTTP. For example:
https://www.acme.com to http://www.acme.com
Where people on the outside would enter https://www.acme.com and the proxy
would forward it to http://www.acme.com. We want to build a secure extranet
box and we need SSL for privacy. We plan to put an SSL accelerator card in
this box. We don't want to put SSL accelerators on the other web application
servers.
Someone told me there's a "proxy pass" configuration that would allow me to
proxy a URL and make the required scheme change.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Apache proxy and SSL
Posted by Daniel Lopez <da...@rawbyte.com>.
On Fri, Jan 10, 2003 at 12:02:42PM -0800, Ken Hilliard wrote:
> I need to configure a web proxy that will map HTTPS to HTTP. For example:
>
> https://www.acme.com to http://www.acme.com
>
> Where people on the outside would enter https://www.acme.com and the proxy
> would forward it to http://www.acme.com. We want to build a secure extranet
> box and we need SSL for privacy. We plan to put an SSL accelerator card in
> this box. We don't want to put SSL accelerators on the other web application
> servers.
>
> Someone told me there's a "proxy pass" configuration that would allow me to
> proxy a URL and make the required scheme change.
Yep, it should be as easy as setting up a reverse proxy, using an apache
server running mod_proxy and SSL and then adding
ProxyPass / http://1.2.3.4
ProxyPassReverse / http://1.2.3.4
Where 1.2.3.4 is your internal machine. Make sure any self referential URLs
in the internal machine point to www.acme.com so the client will go to the
gateway machine. You may want to have a look at ProxyPreserveHost
and UseCanonicalName off
Cheers
DamoeƱ
--
Teach Yourself Apache 2 -- http://apacheworld.org/ty24/
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org