Set up two virtual servers for the same IP, one on port 80 (with just simple
proxy rules). Confirm this works.
Then, set up a virtual server on port 443 with the same proxy stuff. You
reference the certificate file there.
Phil
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of
> [EMAIL PROTECTED]
> Sent: Monday, June 24, 2002 7:54 AM
> To: [EMAIL PROTECTED]
> Subject: Reverse proxying of SSL traffic
>
>
> Hi list,
>
> I have a requirement to set up a reverse proxy (web
> accelerator) which will
> accept incoming HTTP and HTTPS connections (using our
> Verisign credentials
> on the proxy) and proxy those requests to other web servers.
>
> The catch is I need the connection between the proxy and the
> web server to
> be HTTPS if and only if the incoming connection to the proxy
> is HTTPS. I
> will be using self-signed certificates on the web servers.
>
> Apache+mod_ssl looks like it can do this with
> ProxyPass/ProxyPassReverse
> but where do I reference the self signed certificate of the
> web server in
> httpd.conf?
>
> At the moment I get the following error in my browser when I
> try to use the
> reverse proxy:
>
> Proxy Error
> The proxy server received an invalid response from an upstream server.
>
>
> The proxy server could not handle the request GETÂ /.
>
>
> Reason: SSL proxy connect failed
> (slrsdct1.internal.standardlife.com:443):
> peer 172.31.100.31:443: decryption failed or bad record mac
>
>
> Thanks in advance.
>
> Michael Pacey
>
>
>
> For more information on Standard Life, visit our website
> http://www.standardlife.com/
>
> The Standard Life Assurance Company, Standard Life House, 30
> Lothian Road,
> Edinburgh EH1 2DH, is registered in Scotland (No. SZ4) and
> regulated by the
> Financial Services Authority. Tel: 0131 225 2552 - calls may
> be recorded or
> monitored. This confidential e-mail is for the addressee
> only. If received
> in error, do not retain/copy/disclose it without our consent
> and please
> return it to us. We virus scan and monitor all e-mails but are not
> responsible for any damage caused by a virus or alteration by
> a third party
> after it is sent.
>
> __
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager[EMAIL PROTECTED]
>
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]