top button
Flag Notify
    Connect to us
      Site Registration

Site Registration

HTTP Rewrite to HTTPS proxy works but direct HTTPS doesn't proxy

0 votes
308 views

After looking this over I've located the issue but haven't determined how to best implement the resolution.

The problem is that when folks access HTTP (via httpd-vhosts.conf) the configuration Rewrites the URL as https://www.yippyskippy.com/ClusterTester$1

When end-users bypass the HTTP configuration and go directly to HTTPS the httpd-ssl.conf file has been configured to expect that the Rewrite has already occurred and that the /ClusterTester$1 suffix already exists.

Because the original httpd-vhosts.conf Rewrite command is bypassed, the httpd-ssl.conf configuration tries to proxypass the incorrect URL string to the back-end Glassfish server resulting in the original error.

Now I'm trying to determine how/where to best place the Rewrite command (I'm assuming within the httpd-ssl.conf virtual hosts section) while still maintaining the redirect from HTTP to HTTPS.

posted Jun 25, 2013 by anonymous

Looking for an answer?  Promote on:
Facebook Share Button Twitter Share Button LinkedIn Share Button

Similar Questions
+6 votes

I have a reverse proxy (apache 2.2) with mod_proxy_balancer with https visible to the outside world.

The question is: from the proxy performance/scalability point of view is it better to configure backends (origin servers) with http or with https?

Is it true that if proxy is setup https->http then it only has to decrypt/encrypt the headers and the body is encrypted/decrypted on the backend? I do not use mod_proxy_html (but maybe there are other modules which affect this behaviour on the proxy?.

How either setup affects latency of handling requests? With https->https do I have to do two handshakes (on the proxy and on the backend) for every connection? I have KeepAlive both on the proxy and the backends.

+1 vote

Just set up a FreeBSD jail to run httpd in it and all works good except these two, rewrite/proxy modules.

These are error logs excerpts:

MOD_REWRITE error: 
[rewrite:crit] [pid 43447] (13)Permission denied: AH00666: mod_rewrite: could not init rewrite_mapr_lock_acquire in child 
MOD_PROXYÂ error: 
[proxy:crit] [pid 43447] (13)Permission denied: AH02479: could not init proxy_mutex in child 

Not sure permissions of what are being denied as html in document root is being served just fine when these modules are disabled.

I tried googling but found nothing but rubbish. Please help?

+5 votes

WE are trying to setup HTTPS tunnelling to a backend server through Apache proxy but we are finding the client connect but Apache does not send through the traffic the backend server.

Config we have on our Apache proxy virtual host is

DocumentRoot "/usr/local/apache/htdocs/ibcm/" 
ServerName test.testdom.local 
ErrorLog logs/ibcm 
ServerAdmin webmaster@testdom.local 
ProxyRequests On 
AllowConnect 443 
SSLEngine on 
SSLHonorCipherOrder On 
SSLProtocol -ALL SSLv3 TLSv1 
SSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4RSA:HIGH:MEDIUM 
SSLCertificateFile "/etc/ssl/crt/ibcm.crt" 
SSLCertificateKeyFile "/etc/ssl/crt/testdom.key" 
SSLCertificateChainFile "/etc/ssl/crt/CA-DOM.crt" 
 Order deny,allow 
 Deny from all 
 Order deny,allow 
 Allow from all 

Anybody know what we are not doing correctly. Also we found Apache would not start without us putting in the root certificate. Thought it would not need any certificate for tunnelling so wonder if we have missed something.

+2 votes

I want to run three virtual hosts on separate IP addresses for notification messages (the reason is due to how the network kit does the redirection of traffic)

On each of these virtual hosts I want a request for any URI to be sent to the document root default (/index.html or just /)

What the best way to achieve this per virtual host?

...