On 08/06/2009 07:50 PM, Tom Wilkie wrote: > Hi > > Bear with me, I'm new to this list. I think I've found a bug in > mod_proxy / mod_proxy_connect. > > I'm running apache in both forward and reverse proxy mode. The idea is > :- reverse proxy gives people outside firewall access to websites on > different VMs inside via one IP, and forward proxy is to allow them to > log in via ssh. > > A trimmed down conf file: > > ====== > > NameVirtualHost *:443 > > SSLCertificateFile /etc/apache2/ssl/default-ssl > > LogLevel debug > ErrorLog /var/log/apache2/error.log > CustomLog /var/log/apache2/access.log combined > > <VirtualHost *:443> > SSLEngine on > ServerName proxy.domain.com > > ProxyRequests on > AllowCONNECT 22 > ProxyVia on > > <Proxy *.domain.com> > AuthType Basic > AuthBasicProvider ldap > AuthName "Domain" > > AuthzLDAPAuthoritative off > AuthLDAPURL > "ldap://ldap.domain.com/ou=People,dc=domain,dc=com"; > Require valid-user > </Proxy> > </VirtualHost> > > <VirtualHost *:443> > SSLEngine on > ServerName wiki.domain.com > ProxyPass / http://wiki.domain.com/ > > <Location /> > AuthType Basic > AuthBasicProvider ldap > AuthName "Domain" > > AuthzLDAPAuthoritative off > AuthLDAPURL > "ldap://ldap.domain.com/ou=People,dc=domain,dc=com"; > Require valid-user > </Location> > </VirtualHost> > > ======= > > SSH connects fine if the second <VirtualHost> clause isn't there, but > fails if it is:
Try reversing the order of the VirtualHosts in your config. The CONNECT method always falls into the default virtual host. Regards RĂ¼diger
