I think the configuration file, as shown in the bug report, has a bug; the last location should probably be
<Location /snac> ProxyPass http://127.0.0.1:8001/snac ProxyPreserveHost On RequestHeader set X-Forwarded-Proto 'https' env=HTTPS </Location> Note the leading /snac at the end of ProxyPass; with the proposed configuration, the data reaches the snac server correctly, but the path is truncated to /USER/inbox (instead of the expected /snac/USER/inbox), and as the path is used in the HTTP Signature, the validation fails. Hope it helps (I'm by no means an Apache2 expert and use nginx myself with snac). Best regards, Ángel Ortega