Reputation: 21
Apache https reverse proxy with Tomcat
Well, I looked everywhere I could, but if some know where I could find a solution, sorry for asking once again the question.
We are looking to implement this solution : HTTP client -> Apache 2.4 Reverse Proxy -> HTTP Server => Works OK HTTPS client -> Apache 2.4 Reverse Proxy -> HTTPS Server => Works OK
But, when the HTTPS server replies with a "302" redirection header, the server name in the header is not translated to the client-side known server name. So, the client fail to connect, due to a DNS error.
We can't add the backend server name in the DNS, so we need that solution to work.
Important notice: the same works in HTTP. It means that when the server reply is a "302" redirection header in HTTP, there's no problem. It works even if the target of the redirection is a HTTPS link. So what is not working is redirecting from HTTPS to HTTPS. The backend webserver is Tomcat.
The problem is: in HTTPS header, the redirection URL is "https://[backendname]/something.html" but we expect it to be "https://[servername]/something.html"
We've checked that we have no error in log file (error level set to "debug").
Here is our virtual site configuration:
<VirtualHost [reverse proxy IP]:443>
SSLEngine on
SSLProxyEngine on
SSLCertificateFile D:/Apache24/ssl/certs/servername.cer
SSLCertificateKeyFile D:/Apache24/ssl/private/servername.key
ServerName [servername]
ProxyPass / https://[backendname]:443/
ProxyPassReverseCookiePath / https://[backendname]:443/
ProxyPassReverse / https://[backendname]:443/
SetOutputFilter proxy-html
ProxyHTMLEnable On
ProxyHTMLURLMap https://[backendname] https://[servername]
ErrorLog D:/Apache24/logs/custom/[servername]_error.log
CustomLog D:/Apache24/logs/custom/[servername]_access.log combined
SetEnv nokeepalive ssl-unclean-shutdown
</VirtualHost>
Problem related Apache activated modules:
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_html_module modules/mod_proxy_html.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule xml2enc_module modules/mod_xml2enc.so
So, any help to make this work will be greatly appreciated.
Thanks.
Upvotes: 1
Views: 1502
Answers (1)
Reputation: 21
Here is the working solution, as suggested by Michael Akerman
- disable caching
- write new instruction: ProxyPassReverse https://[backend]/
Thanks for your help
Upvotes: 1
Related Questions
- Apache HTTPS Reverse Proxy URL Redirection
- Apache Reverse Proxy https to http
- Configure Tomcat8 behind Apache with HTTPS
- Redirect http to https by configuring .conf file of apache
- Apache, Tomcat & SSL: ProxyPass and ProxyPassReverse
- how to configure on Apache proxy (SSL conection) to Tomcat
- Tomcat App Reverse Proxy with Apache http server
- Configuring Apache as reverse proxy to Tomcat using https
- Configure Apache as reverse proxy and tomcat over https
- How to get tomcat to send redirects as https urls when apache handles ssl