Set up two virtual servers for the same IP, one on port 80 (with just simple proxy rules). Confirm this works.
Then, set up a virtual server on port 443 with the same proxy stuff. You reference the certificate file there. Phil > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of > [EMAIL PROTECTED] > Sent: Monday, June 24, 2002 7:54 AM > To: [EMAIL PROTECTED] > Subject: Reverse proxying of SSL traffic > > > Hi list, > > I have a requirement to set up a reverse proxy (web > accelerator) which will > accept incoming HTTP and HTTPS connections (using our > Verisign credentials > on the proxy) and proxy those requests to other web servers. > > The catch is I need the connection between the proxy and the > web server to > be HTTPS if and only if the incoming connection to the proxy > is HTTPS. I > will be using self-signed certificates on the web servers. > > Apache+mod_ssl looks like it can do this with > ProxyPass/ProxyPassReverse > but where do I reference the self signed certificate of the > web server in > httpd.conf? > > At the moment I get the following error in my browser when I > try to use the > reverse proxy: > > Proxy Error > The proxy server received an invalid response from an upstream server. > > > The proxy server could not handle the request GET /. > > > Reason: SSL proxy connect failed > (slrsdct1.internal.standardlife.com:443): > peer 172.31.100.31:443: decryption failed or bad record mac > > > Thanks in advance. > > Michael Pacey > > > > For more information on Standard Life, visit our website > http://www.standardlife.com/ > > The Standard Life Assurance Company, Standard Life House, 30 > Lothian Road, > Edinburgh EH1 2DH, is registered in Scotland (No. SZ4) and > regulated by the > Financial Services Authority. Tel: 0131 225 2552 - calls may > be recorded or > monitored. This confidential e-mail is for the addressee > only. If received > in error, do not retain/copy/disclose it without our consent > and please > return it to us. We virus scan and monitor all e-mails but are not > responsible for any damage caused by a virus or alteration by > a third party > after it is sent. > > ______________________________________________________________________ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] > ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]