Hello all, I've been using a site configured to Proxy requests to another port for one ServerName and another on the same Apache2 directly serving PHP pages. That's been working fine. But now I want to add SSL to the proxied pages and it isn't going so smoothly. I had hints from a coworker and tried integrating that with my existing vhost files, but even at the best of times Apache2 fails startup.
I have been looking through the how-to (http://httpd.apache.org/docs/2.0/ssl/ssl_howto.html) , but this page never says anything about host files (it only uses the httpd.conf file) nor using port 443 so I'm less sure how relevant it is. The ssl_faq.html's Certificates' portion does clearly explain how to create the certificates themselves. That part seems fine. I did add the ssl and rewrite modules, relieving those early errors. Configuration-wise the advice I've gotten makes it looks like I need to first add a rewrite for the http requests: NameVirtualHost *:80 <VirtualHost *:80> ServerAdmin [EMAIL PROTECTED] ServerName site1.domain.com RewriteEngine on RewriteRule ^/$ https://site1.domain.com [R,L] CustomLog logs/site1-80_log combined ErrorLog logs/site1-80_error </VirtualHost> And then add a couple parts to my Proxied VirtualHost to process it correctly: NameVirtualHost *:443 <VirtualHost *:443> ServerAdmin [EMAIL PROTECTED] ServerName site1.domain.com ProxyPassReverse / http://localhost:3000/ ProxyPass / http://localhost:3000/ SSLEngine on SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP SSLCertificateFile /etc/ssl/server.crt SSLCertificateKeyFile /etc/ssl/server.pem CustomLog logs/site1-443_log combined ErrorLog logs/site1-443_error </VirtualHost> A related question is: should the Alias/Directory/Location entries following these need to be changed? They should all be https content, so the above tags should take care of that, correct? The /etc/hosts file has this entry since we want both this secured portion and a separate unsecured portion in a separate vhost file: 127.0.0.1 localhost site1.domain.com domain.com I am unsure what else is relevant here. If there are suggestions or questions I can answer, please let me know. Thanks for your insights, -Chris --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
