Menu
here is what I tired to do:
Apache error log:
[client 192.168.2.157] SSL Proxy requested for test.xxx.com:443 but not enabled [Hint: SSLProxyEngine]
[error] proxy: HTTPS: failed to enable ssl support for 192.168.2.157:443 (test.xxx.com)
Then I tried use apache(on the internet) proxy to https://google.com and the error log is the same.
However,https to http works. browser -internet-> https(Apache proxypass)-intranet->(Apache http)
My config:
<VirtualHost *:443>
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/xxx_com.crt
SSLCertificateKeyFile /etc/apache2/ssl/xxx_com.key
SSLCertificateChainFile /etc/apache2/ssl/sub.class2.server.ca.pem
ProxyPreserveHost On
ProxyRequests Off
ProxyVia Off
AllowEncodedSlashes NoDecode
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / https://2w.xxx.com/
ProxyPassReverse / https://2w.xxx.com/
ServerName test.xxx.com
RequestHeader set X-Forwarded-Proto "https"
RequestHeader set X-Forwarded-Port "443"
ErrorLog "/var/log/apache2/error-ssl.log"
</VirtualHost>
OR:
<VirtualHost *:443>
ProxyPass / https://google.com/
ProxyPassReverse / https://google.com/
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/xxx_com.crt
SSLCertificateKeyFile /etc/apache2/ssl/xxx_com.key
SSLCertificateChainFile /etc/apache2/ssl/sub.class2.server.ca.pem
ServerName test.xxx.com
</VirtualHost>
Seems like it's not possible for apache to handle https to https? if apache does not support this how about nginx?
656
ProxyPassReverse will intercept those headers, and rewrite them to match the Apache proxy server. ProxyPass will create a reverse proxy. A reverse proxy (or gateway), appears to the client just like an ordinary web server. The client makes ordinary requests for content in the namespace of the reverse proxy.
An ordinary forward proxy is an intermediate server that sits between the client and the origin server. In order to get content from the origin server, the client sends a request to the proxy naming the origin server as the target. The proxy then requests the content from the origin server and returns it to the client.
ProxyPass is the main proxy configuration directive. In this case, it specifies that everything under the root URL ( / ) should be mapped to the backend server at the given address.
<VirtualHost *:443>
SSLEngine On
SSLProxyEngine On
ServerName my.example.com:443
SSLCertificateFile "${SRVROOT}/conf/ssl/example.pem"
SSLCertificateKeyFile "${SRVROOT}/conf/ssl/example.key"
ErrorLog "|bin/rotatelogs.exe -l /var/logs/apache/example/error.%Y-%m-%d.log 86400"
CustomLog "|bin/rotatelogs.exe -l /var/logs/apache/example/ssl_request.%Y-%m-%d.log 86400" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
ProxyRequests Off
ProxyPass / https://www.google.com/
<Location />
ProxyPassReverse /
Options FollowSymLinks
Require all granted
</Location>
</VirtualHost>
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
