Re: [apache-ssl] How to make ProxyPass work?

To: apache-ssl@lists.aldigital.co.uk
Subject: Re: [apache-ssl] How to make ProxyPass work?
From: Adam Laurie <adam@algroup.co.uk>
Date: Thu, 22 Jun 2000 09:09:07 +0100
Delivered-to: mailing list apache-ssl@lists.aldigital.co.uk
List-help: apache-ssl-help@lists.aldigital.co.uk
List-of-last-resort: apache-ssl-owner@lists.aldigital.co.uk
List-unsubscribe: apache-ssl-unsubscribe@lists.aldigital.co.uk
Mailing-list: contact apache-ssl-help@lists.aldigital.co.uk; run by ezmlm
Organization: http://www.apache-ssl.org
References: <3.0.32.20000622143508.0096b830@pop3.unsw.edu.au>
Reply-to: apache-ssl@lists.aldigital.co.uk

Rob Moser wrote:
> 
> In response to my query about getting ProxyPass to work, Ben Laurie wrote:
> >We've used it, and it works for us.
> 
> and Victor wrote:
> >Well, it does work (for me at least it worked). Here is what I have
> [Victor's config snipped]
> 
> Good to know it works then, and that somebody is using it; I'd hate to be
> chasing wild geese here.  I compared my config to yours Victor, and the
> only difference is that you've set your ProxyPass up in a VirtualHost
> directive while I have not (I want this particular Apache server to
> re-route EVERYTHING.)  Is this necessary?
> 
> When first I asked this question I sent along what I thought to be the
> relevant bits of my config file, which people have mostly said looks all
> right.  This makes me suspect that I'm a lousy judge of whats relevant...
> I've also got a couple of snippets from people's configs that seem to match
> mine fairly closely, so I'm wondering about the snipped bits.  Would anyone
> who is successfully using ProxyPass be willing to send me your whole config
> file (with any hostnames or other private info snipped, of course)?  I'd
> just like to check and see where else we might differ.
> 
> Alternately, I've attached my entire config below (sans comments) and would
> love advice; I just figured asking anyone to read through the whole thing
> was a bit much.  Again, the server is starting up fine but requests to
> https://server:443 just drop me into /usr/local/apache/htdocs as if
> ProxyPass weren't set.  Is there a conflict with my <Directory /> or
> DocumentRoot settings?  Do I need to set those at all if I'm using
> ProxyPass / <elsewhere>?

I would try setting it to proxy a specific location - that way you see
if it's a conflict. Alternatively, start with a very simple config and
build up from there. Here's one from a known to be working test server:

  ServerName proxy.my.net
  ServerType standalone
  ServerAdmin webserv@aldigital.co.uk
  User nobody
  Group nobody
  Port 443
  Listen 443

  SSLVerifyClient 0
  SSLVerifyDepth 10
  SSLCertificateKeyFile /apache/certs/proxy.my.net.key
  SSLCertificateFile /apache/certs/proxy.my.net.cert
  SSLCacheServerPath /apache/bin/gcache
  SSLCacheServerPort /apache/cache/proxy.my.net.socket
  SSLSessionCacheTimeout 360
  SSLEnable

  DocumentRoot /apache/hosts/proxy.my.net/Docs
  TransferLog /apache/logs/proxy.my.net.access.log                 
  ErrorLog /apache/logs/proxy.my.net.error.log                 

  ProxyPass /proxy https://10.1.1.1/ 
  ProxyPassReverse /proxy https://10.1.1.1/ 

The only major difference I can see is that you're proxying to a non-SSL
server. Not sure if that's relevant as I've never tried it that way.

cheers,
Adam
--
Adam Laurie                   Tel: +44 (181) 742 0755
A.L. Digital Ltd.             Fax: +44 (181) 742 5995
Voysey House                  
Barley Mow Passage            http://www.aldigital.co.uk
London W4 4GB                 mailto:adam@algroup.co.uk
UNITED KINGDOM                PGP key on keyservers

References:
- Re: [apache-ssl] How to make ProxyPass work?
  - From: Rob Moser <moser@unsw.edu.au>

Prev by Date: Re: [apache-ssl] How to make ProxyPass work?
Next by Date: Re: [apache-ssl] problem in starting the httpsdctl
Previous by thread: Re: [apache-ssl] How to make ProxyPass work?
Next by thread: Can I create my own SSL Certificate?
Index(es):
- Date
- Thread