DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=41926>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=41926 Summary: Timeout, Unavailable. Rev proxy "proxyremote" https via a http proxy...was Bug 19188 Product: Apache httpd-2 Version: 2.2.4 Platform: Sun OS/Version: Solaris Status: NEW Severity: normal Priority: P2 Component: mod_proxy AssignedTo: [email protected] ReportedBy: [EMAIL PROTECTED] Setup: Client-->----https://internal.domA.com---->--ApacheRevProxy ApacheRevProxy-->----http via squid cache---->--external https web site ApacheRevProxy doing URL rewrite to https://external.domB.com ApacheRevProxy fetching URL via SquidCache Under Bug: 19188 there was a patch posted to get around this issue. http://issues.apache.org/bugzilla/attachment.cgi?id=11552 This patch works well; under 2.0.48, but is not applicable to the current 2.2 stream. Is it possible to get the patch changed to apply to 2.2 or current issue address please? Below are the current configs and debug from output. Apache sends back to the client: Service Temporarily Unavailable Rev Proxy Virtual Host Config: ------------------------------ ProxyRequests Off ServerName internal.domA.com:443 SSLProxyEngine on RewriteEngine on SetOutputFilter proxy-html ProxyHTMLExtended On RequestHeader unset accept-encoding RequestHeader set Referer https://external.domB.com/ ProxyPass / https://external.domB.com/ ProxyPassReverseCookieDomain internal.domA.com external.domB.com ProxyHTMLURLMap https://external.domB.com https://internal.domA.com/ <Location /> ProxyPassReverse https://external.domB.com/ SetOutputFilter proxy-html ProxyHTMLExtended On ProxyHTMLURLMap / / RequestHeader unset accept-encoding </Location> ProxyRemote * http://squid.cache.server:8080 ------------------------------ Debug Logs: ----------- [Thu Mar 22 13:15:48 2007] [info] Initial (No.1) HTTPS request received for child 0 (server internal.domA.com:443) [Thu Mar 22 13:15:48 2007] [debug] mod_proxy_http.c(54): proxy: HTTP: canonicalising URL //external.domB.com/ [Thu Mar 22 13:15:48 2007] [debug] proxy_util.c(1378): [client 192.168.100.219] proxy: https: found worker https://external.domB.com/ for https://external.domB.com/, referer: https://external.domB.com/ [Thu Mar 22 13:15:48 2007] [debug] mod_proxy.c(754): Trying to run scheme_handler against proxy [Thu Mar 22 13:15:48 2007] [debug] mod_proxy_http.c(1662): proxy: HTTP: serving URL https://external.domB.com/ [Thu Mar 22 13:15:48 2007] [debug] proxy_util.c(1739): proxy: HTTPS: retrying the worker for (external.domB.com) [Thu Mar 22 13:15:48 2007] [debug] proxy_util.c(1745): proxy: HTTPS: worker for (external.domB.com) has been marked for retry [Thu Mar 22 13:15:48 2007] [debug] proxy_util.c(1798): proxy: HTTPS: has acquired connection for (external.domB.com) [Thu Mar 22 13:15:48 2007] [debug] proxy_util.c(1859): proxy: connecting https://external.domB.com/ to external.domB.com:443 [Thu Mar 22 13:15:48 2007] [debug] proxy_util.c(1955): proxy: connected https://external.domB.com/ to squid.cache.server:8080 [Thu Mar 22 13:15:48 2007] [debug] proxy_util.c(2050): proxy: HTTPS: fam 2 socket created to connect to external.domB.com [Thu Mar 22 13:15:48 2007] [debug] proxy_util.c(2146): proxy: HTTPS: connection complete to squid.cache.server:8080 (squid.cache.server) [Thu Mar 22 13:15:48 2007] [info] [client squid.cache.server] Connection to child 0 established (server internal.domA.com:443) [Thu Mar 22 13:15:48 2007] [info] Seeding PRNG with 0 bytes of entropy [Thu Mar 22 13:15:48 2007] [debug] ssl_engine_kernel.c(1752): OpenSSL: Handshake: start [Thu Mar 22 13:15:48 2007] [debug] ssl_engine_kernel.c(1760): OpenSSL: Loop: before/connect initialization [Thu Mar 22 13:15:48 2007] [debug] ssl_engine_kernel.c(1760): OpenSSL: Loop: SSLv2/v3 write client hello A [Thu Mar 22 13:20:48 2007] [debug] ssl_engine_io.c(1786): OpenSSL: I/O error, 7 bytes expected to read on BIO#805b98 [mem: 911d60] [Thu Mar 22 13:20:48 2007] [debug] ssl_engine_kernel.c(1789): OpenSSL: Exit: error in SSLv2/v3 read server hello A [Thu Mar 22 13:20:48 2007] [info] [client squid.cache.server] SSL Proxy connect failed [Thu Mar 22 13:20:48 2007] [info] [client squid.cache.server] Connection closed to child 0 with abortive shutdown (server internal.domA.com:443) [Thu Mar 22 13:20:48 2007] [error] (502)Unknown error: proxy: pass request body failed to squid.cache.server:8080 (squid.cache.server) [Thu Mar 22 13:20:48 2007] [error] (502)Unknown error: proxy: pass request body failed to squid.cache.server:8080 (squid.cache.server) from 192.168.100.219 () [Thu Mar 22 13:20:48 2007] [debug] proxy_util.c(1816): proxy: HTTPS: has released connection for (external.domB.com) [Thu Mar 22 13:20:48 2007] [debug] mod_proxy.c(777): Running scheme https handler (attempt 0) [Thu Mar 22 13:20:48 2007] [debug] mod_proxy_http.c(1662): proxy: HTTP: serving URL https://external.domB.com/ [Thu Mar 22 13:20:48 2007] [debug] proxy_util.c(1798): proxy: HTTPS: has acquired connection for (external.domB.com) [Thu Mar 22 13:20:48 2007] [debug] proxy_util.c(1859): proxy: connecting https://external.domB.com/ to external.domB.com:443 [Thu Mar 22 13:20:48 2007] [debug] proxy_util.c(1955): proxy: connected / to external.domB.com:443 [Thu Mar 22 13:20:48 2007] [debug] proxy_util.c(2050): proxy: HTTPS: fam 2 socket created to connect to external.domB.com [Thu Mar 22 13:24:32 2007] [error] (145)Connection timed out: proxy: HTTPS: attempt to connect to 203.203.100.15:443 (external.domB.com) failed [Thu Mar 22 13:24:32 2007] [error] ap_proxy_connect_backend disabling worker for (external.domB.com) [Thu Mar 22 13:24:32 2007] [debug] proxy_util.c(1816): proxy: HTTPS: has released connection for (external.domB.com) -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
