You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Matthew McHugh <mm...@arrow.com> on 2005/03/03 03:14:42 UTC
[users@httpd] Connection reset errors when using mod_proxy to connect to IIS .....
Hello,
I am running various versions of apache (1.3.28 -> 1.3.33). I have mod_ssl
compiled in and mod_proxy compiled in (not loaded as a DSO). When I proxy
into an IIS (6.0) server running on Windows 2003 I get the following errors:
[Wed Mar 2 19:41:07 2005] [error] [client 12.96.192.84] (131)Connection
reset by peer: proxy: error reading from
http://servername/images/Shared/spacer.gif. It is only when I am accessing
this site over https (the proxy to the .NET/IIS server is over http), but
the virtual host on apache listens on both http and https. It also resets
on other files (not just .gif files) like .css, .js .etc ....
Here's a snippet of my virtual host settings:
<VirtualHost masked ip:80>
ServerAdmin admin@blah.com
DocumentRoot "masked docroot"
ServerName www.maskedname.com
ErrorLog logs/maskedname_com-error.log
TransferLog logs/maskedname_com-access.log
ProxyRequests Off
ProxyPass / http://172.16.17.138/
ProxyPassReverse / http://172.16.17.138/
</VirtualHost>
This works fine. The webclient accesses the smae site over http and it is
fine, the problem here is in my second virtual host that listens on https,
but still proxies to the .NET IIS environment over http (the communication
back to the client is still secure it is just not encrypted between the
apache proxy server and the internal .NET, IIS server). Here's the snippet
of the virtual host that is causing problems:
<VirtualHost masked ip:443>
DocumentRoot "masked docroot"
ServerName www.maskedname.com
ServerAdmin admin@blah.com
ErrorLog logs/maskednamel_com_ssl_error.log
TransferLog logs/maskedname_com_ssl_access.log
SSLEngine on
SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile conf/ssl.crt/maskedname_com.crt
SSLCertificateKeyFile conf/ssl.key/maskedname_com.key
SSLProtocol all
#SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+EXP:+eNULL
ProxyRequests Off
ProxyPass / http://172.16.17.138/
ProxyPassReverse / http://172.16.17.138/
</VirtualHost>
I am able to recreate this using any of the above stated apache versions.
What seems to be hanging is that the site eventually loads, but it hangs
when loading the gif files or .css files, or loading the .js files. When I
access the http version of the site, it is fine, it's just when I do https.
I proxy all of the time (our app servers are never hit directly, always via
apache) and I have never had problems in the past. I have also proxied
internally to an IIS 5.0 server running on Windows 2000 without issues. It
just seems to be an issue with IIS running on Windows 2003. There is one
google hit on this and it points to Windows 2003, with a solution of
removing the PorxyPassReverse directive which I have done with no positive
effect.
I am pretty much at a loss here. The IIS server is fine without the proxy,
the apache proxy is fine hitting other backend environments. It seems to be
an inter-operability issue. If this is not the appropriate forum then
please advise and I will re-post to that location
Thanks for the help.
Matt