You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Joe Williams <jw...@ntegrated.net> on 2013/05/24 20:11:49 UTC

[users@httpd] RE: ReverseProxy

https-ssl.conf configuration as well if needed

Listen 443

<VirtualHost _default_:443>

DocumentRoot "/etc/apache2.4//htdocs"
ErrorLog "/etc/apache2.4/logs/error_log"
TransferLog "/etc/apache2.4/logs/access_log"

SSLEngine on
SSLProxyEngine On
SSLCertificateFile /etc/apache2.4/sslcerts/sip.externaldomain.com.crt
SSLCertificateKeyFile /etc/apache2.4/sslcerts/sip_externaldomain_com.key
SSLCACertificateFile /etc/apache2.4/sslcerts/gd_bundle.crt


KeepAlive On
ProxyReceiveBufferSize 4096
ProxyPass / https://x.y.z.z:4443/
ProxyPassReverse / https://x.y.z.z:4443/
ProxyPreserveHost On



<FilesMatch "\.(cgi|shtml|phtml|php)$">
    SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/etc/apache2.4//cgi-bin">
    SSLOptions +StdEnvVars
</Directory>

BrowserMatch "MSIE [2-5]" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0

CustomLog "/etc/apache2.4//logs/ssl_request_log" \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

</VirtualHost>

Thanks,
Joe

[cid:image001.png@01CDC0EB.89A6A5E0]
Joe Williams
Ntegrated Solutions<http://www.ntegrated.net/>
Noc Engineer
214-432-3600 ext 314 Office
214-432-3601 fax
jwilliams@ntegrated.net<ma...@ntegrated.net>
www.ntegrated.net<http://www.ntegrated.net/>

From: Joe Williams [mailto:jwilliams@ntegrated.net]
Sent: Friday, May 24, 2013 1:05 PM
To: users@httpd.apache.org
Subject: [users@httpd] ReverseProxy

I am setting up apache2.4.4 with SSL to use as a reverse proxy. SSL is enabled using a public godaddy certificate. This supposed to be passing requests on 443 to a backend IIS server on a CA certificate to port 4443

Browsing to the url for the IIS site throws the following errors in the apache logs

[Fri May 24 12:37:37.418570 2013] [proxy_http:error] [pid 8384:tid 3061840704] (502)Unknown error 502: [client a.b.c.c:54018]
AH01084: pass request body failed to x.y.z.z:4443 (x.y.z.z:)
[Fri May 24 12:37:37.418756 2013] [proxy:error] [pid 8384:tid 3061840704] [client a.b.c.c:54018] AH00898: Error during SSL Ha
ndshake with remote server returned by /
[Fri May 24 12:37:37.418767 2013] [proxy_http:error] [pid 8384:tid 3061840704] [client a.b.c.c:54018] AH01097: pass request b
ody failed to x.y.z.z:4443 (x.y.z.z:) from a.b.c.c ()


Not really sure what to troubleshoot from here, any help would be greatly appreciated

Thanks,
Joe


[cid:image001.png@01CDC0EB.89A6A5E0]
Joe Williams
Ntegrated Solutions<http://www.ntegrated.net/>
Noc Engineer
214-432-3600 ext 314 Office
214-432-3601 fax
jwilliams@ntegrated.net<ma...@ntegrated.net>
www.ntegrated.net<http://www.ntegrated.net/>