On Thu, Jul 10, 2014 at 6:35 PM, <fabio.schm...@4linux.com.br> wrote:
> > Hi ! > > I'm trying to use Apache 2.2 to proxy connections to a server that only > listens with HTTPS (Citrix Secure Gateway, to be more precise) and keep the > connection encrypted. I've already enabled the proxy, proxy_http and > proxy_connect modules but when I access through my Apache server I got the > message "ERR_SSL_PROTOCOL_ERROR". > Why proxy_connect? Are you trying to perform this common scenario? client <--- HTTP over SSL/TLS ---> httpd <--- HTTP over SSL/TLS ---> Citrix? Does the client specify the hostname of httpd AND httpd has a certificate for that hostname? > > What am I misunderstanding and if someone could explain to me the correct > way to achieve a proxy with a HTTPS>HTTPS connection I would really > appreciate ! > > Here is my configuration: > > <VirtualHost *:443> > SSLEngine ON > SSLProxyEngine ON > ProxyPass / https://IP_OF_THE_CITRIX_SERVER/ > ProxyPassReverse / https://IP_OF_THE_CITRIX_SERVER/ > LogLevel debug > ErrorLog /var/log/apache2/citrix-ssl-error.log > TransferLog /var/log/apache2/citrix-ssl-access.log > </VirtualHost> > > Isn't ERR_SSL_PROTOCOL error displayed by Chrome for an error connecting to port 443 (i.e., nothing to do with the backend proxy connection)? Where's your certificate for client connections to port 443? This is the only VirtualHost for port 443 in your config, right? What is in /var/log/apache2/citrix-ssl-error.log when you fail to connect with a browser? > > Atenciosamente, > Fabio S. Schmidt > Consultor tĂ©cnico SĂȘnior > 4linux - Open Software Specialists > http://www.4linux.com.br > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > > -- Born in Roswell... married an alien... http://emptyhammock.com/
