RE: [users@httpd] Reverse Proxy HTTPS

Tue, 18 Mar 2008 11:55:19 -0700 

Joshua,
 
Thank you for your feedback. 
 
> You can do simple port-forwarding (not HTTP proxying) to pass along> the 
> encrypted stream, but then you have to do it for the whole server,> not just 
> the /clustertest path.
Could you tell me which modules in Apache I'd use for port forwarding?Thanks,Jim
 
 
 
> Date: Tue, 18 Mar 2008 14:41:28 -0400> From: [EMAIL PROTECTED]> To: 
> [email protected]> Subject: Re: [EMAIL PROTECTED] Reverse Proxy HTTPS> > 
> On Tue, Mar 18, 2008 at 1:38 PM, James Ellis <[EMAIL PROTECTED]> wrote:> >> > 
> I am trying to get a reverse proxy working for the following architecture:> 
> >> > Browser --> HTTPS --> ServerA --> HTTPS --> Server B> >> > I can get a 
> half-a$$ solution working like this:> >> > <VirtualHost _default_:443>> > 
> SSLProxyEngine on> > SSLEngine on> > SSLCertificateFile "C:/Program 
> Files/Apache Software> > Foundation/Apache2.2/conf/server.crt"> > 
> SSLCertificateKeyFile "C:/Program Files/Apache Software> > 
> Foundation/Apache2.2/conf/server.key"> > ProxyPass /clustertest 
> https://XXX.XXX.X.XXX:444/clustertest> > </VirtualHost>> >> > ...but this 
> isn't exactly how I want it. It's taking the certificate from> > ServerA and 
> encrypting request, but then creating a new SSL session to talk> > to 
> ServerB.> >> > I would like to be able to take the certificate from ServerB, 
> encrypt the> > request and have ServerA just "pass on" the whole encrypted 
> request to> > ServerB.> >> > Is this possible?> > What you want can't work 
> because the path information is inside the> encrypted request and that will 
> only be available to ServerA if it> decrypts the request.> > You can do 
> simple port-forwarding (not HTTP proxying) to pass along> the encrypted 
> stream, but then you have to do it for the whole server,> not just the 
> /clustertest path.> > Joshua.> > 
> ---------------------------------------------------------------------> The 
> official User-To-User support forum of the Apache HTTP Server Project.> See 
> <URL:http://httpd.apache.org/userslist.html> for more info.> To unsubscribe, 
> e-mail: [EMAIL PROTECTED]> " from the digest: [EMAIL PROTECTED]> For 
> additional commands, e-mail: [EMAIL PROTECTED]>

Reply via email to