Apache ProxyPass with SSL

apache-2.2 ssl proxy proxypass

I want to proxy requests from an SSL site via a non-SSL site. My Apache httpd.conf looks like this:

<VirtualHost 1.2.3.4:80>
    ServerName foo.com
    ProxyPass / https://bar.com/
</VirtualHost>

So, when I visit http://foo.com, I expect apache to make a request to https://bar.com and send me the the page it fetched.

Instead, I get a 500 error, and in the error log, I see:

[error] proxy: HTTPS: failed to enable ssl support for 4.3.2.1:443 (bar.com)

Presumably I'm missing a directive here. Which might it be?

Never mind the security implications. I fully understand the risks.


Solution 1:

You'll need mod_ssl, mod_proxy and optionally mod_rewrite. Depending on your distribution and Apache version you may have to check if mod_proxy_connect and mod_proxy_http are loaded as well.

The directives for enabling SSL proxy support are in mod_ssl:

<VirtualHost 1.2.3.4:80>
    ServerName foo.com
    SSLProxyEngine On
    SSLProxyCheckPeerCN on
    SSLProxyCheckPeerExpire on
    ProxyPass / https://secure.bar.com
    ProxyPassReverse / https://secure.bar.com
</VirtualHost>

IIRC you can also use:

    RewriteRule / https://secure.bar.com [P]    # don't forget to setup SSLProxy* as well

Solution 2:

In Apache 1.x, mod_ssl would fix up ProxyPass. Do you have mod_ssl installed?

Related

What's the easiest way to make my old init script work in systemd?
Drawbacks of mounting a filesystem with noatime?
How can I query my system via command line to see if a KB patch is installed?
How do you document a network?
Supervisor HTTP Server Port Issue
Prevent Windows Server 2012 from forcing a reboot after updates
How does vm.overcommit_memory work?
How can I monitor what logrotate is doing?
Turn off pager for psql's interactive output
How can I create a location in nginx that works with AND without a trailing slash?
DNS failing to propagate worldwide
automate dpkg-reconfigure tzdata