You need SSLProxyEngine On ONLY if you intend to proxy to a SSL-enabled server as seems to be your case.
However if your reverse proxy takes care of SSL termination, encrypting the backend connection may not be very useful. -ascs -----Message d'origine----- De : news [mailto:[EMAIL PROTECTED] De la part de Zvi Kave Envoyé : lundi 7 janvier 2008 15:49 À : users@httpd.apache.org Objet : [EMAIL PROTECTED] Re: Re: Reverse Proxy to SSL web server: configuration example Axel, To complete all the parameters, I saw that directive SSLProxyEngine On is needed as well.(It was hiding there from previous test) So to make it clear, here are the successfull directives: (The SSL key/crt files are copied from the web server) <VirtualHost *:80> ServerAdmin [EMAIL PROTECTED] ServerName proxy80.com ProxyPass / http://mywebserver.com/ ProxyPassReverse / http://mywebserver.com/ ErrorLog logs/error80.log TransferLog logs/access80.log </VirtualHost> # This creates a virtual host for SSL conections. They'll be proxy'ed w/o SSL. <VirtualHost *:443> ServerAdmin [EMAIL PROTECTED] ServerName proxy443.com SSLProxyEngine On ProxyPass / https://mywebserver.com/ ProxyPassReverse / https://mywebserver.com/ SSLEngine on SSLCertificateFile /etc/httpd/conf/server.crt SSLCertificateKeyFile /etc/httpd/conf/server.key ErrorLog logs/ssl-error.log TransferLog logs/ssl-access.log </VirtualHost> Best regards, Zvi "Axel-Stephane SMORGRAV" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] Definitely yes. -ascs -----Message d'origine----- De : news [mailto:[EMAIL PROTECTED] De la part de Zvi Kave Envoyé : lundi 7 janvier 2008 15:02 À : users@httpd.apache.org Objet : [EMAIL PROTECTED] Re: Reverse Proxy to SSL web server: configuration example Do you mean, that I must copy the SSL crt/key files from the web server to the proxy server ? Zvi --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
