current community

your communities

more stack exchange communities

Stack Exchange
tour help
Take the 2-minute tour ×
Unix & Linux Stack Exchange is a question and answer site for users of Linux, FreeBSD and other Un*x-like operating systems. It's 100% free, no registration required.
up vote 0 down vote favorite

I have the following ReverseProxy set up which works for http requests:

NameVirtualHost *:80
<VirtualHost *:80>
ServerName sub.domain.com
ProxyRequests Off
ProxyVia Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>                              
ProxyPass / http://localhost:5010
ProxyPassReverse / http://localhost:5010/
</VirtualHost>

My question is, how can I handle https requests too if my backend (at :5010) doesn't support https?

So for example something like this: Client---https--->Apache----http---->Service

share|improve this question

1 Answer 1

up vote 1 down vote accepted

The transport method of the connection between the client and this httpd instance is totally independent of the transport method between the httpd instance and the server you are proxying to. That means, just put the proxy lines (at least ProxyPass and ProxyPassReverse) to your HTTPS configuration:

NameVirtualHost *:443
<VirtualHost *:443>
    ServerName sub.domain.com

    # Certificate stuff goes here...
    SSLEngine on
    SSLCertificateFile              /etc/pki/http/certs/sub.domain.com.crt
    SSLCertificateKeyFile   /etc/pki/http/private/sub.domain.com.key
    SSLCertificateChainFile /etc/pki/http/certs/interims-cert.crt
    SSLProtocol All -SSLv2 -SSLv3
    SSLHonorCipherOrder on
    SSLCipherSuite +EDH:HIGH:!LOW:!ADH:-MEDIUM:RC4+SHA

    ProxyRequests Off
    ProxyVia Off
    <Proxy *>
        Order deny,allow
        Allow from all
    </Proxy>                              
    ProxyPass / http://localhost:5010
    ProxyPassReverse / http://localhost:5010/
</VirtualHost>

The SSL* directives are just for example purpose! You should check on how to securely configure an httpd for HTTPS.

share|improve this answer

Your Answer

 
discard

By posting your answer, you agree to the privacy policy and terms of service.

Not the answer you're looking for? Browse other questions tagged or ask your own question.