On 2021-08-22 4:41 p.m., Scott Trakker wrote:
Hello Apache administrators!
In summary I have the following question:
/How do I correctly configure a reverse proxy that redirects to a
website with HTTPS?/
*My set-up*
A RHEL server (host) with one virtual machine.
The website is running on the virtual machine (also RHEL).
*Virtual host file on the host*
ServerName localhost
DocumentRoot /var/www/html/
<VirtualHost *:80 >
ServerName [my.domain.com]
ProxyPreserveHost On
ProxyPass / http://192.168.122.246/ <http://192.168.122.246/>
ProxyPassReverse / http://192.168.122.246/ <http://192.168.122.246/>
</VirtualHost>
<VirtualHost *:443 >
ServerName [my.domain.com]
SSLProxyEngine on
ProxyPreserveHost On
ProxyPass / https://192.168.122.246/ <https://192.168.122.246/>
ProxyPassReverse / https://192.168.122.246/ <https://192.168.122.246/>
</VirtualHost>
*Virtual host file on the virtual machine*
ServerName localhost
<VirtualHost *:80 >
ServerName [my.domain.com]
DocumentRoot /var/www/html/
RewriteEngine on
RewriteCond %{SERVER_NAME} =[my.domain.com]
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI
<https://%{SERVER_NAME}%{REQUEST_URI>} [END,NE,R=permanent]
</VirtualHost>
<VirtualHost *:443>
ServerName [my.domain.com]
DocumentRoot /var/www/html/
SSLCertificateFile
/etc/letsencrypt/live/[my.domain.com]/fullchain.pem
<http://nextcloud.jeroenverhoeckx.com/fullchain.pem>
SSLCertificateKeyFile
/etc/letsencrypt/live/[my.domain.com]/privkey.pem
<http://nextcloud.jeroenverhoeckx.com/privkey.pem>
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
I installed the SSL certificate with certbot of Let's Encrypt and I got
the message that it was installed correctly.
*Problem*
When I go to my domain <https://nextcloud.jeroenverhoeckx.com/>, Firefox
tells me that the website isn't secure.
And when I go to <https://nextcloud.jeroenverhoeckx.com/> I get:
... does not trust this site because it uses a certificate that is not
valid for nextcloud.jeroenverhoeckx.com. The certificate is only valid
for IntelNUC.
Maybe you could start with a "valid for your domain" certificate?
Best -- Paul
*Question*
/What do I need to add to the virtual host file on the host to correctly
pass all HTTPS traffic to the virtual host on the virtual machine?/
Ideally (if possible) I don't request for another SSL certificate or
copy the certificate on the virtual machine to the host.
I'm documenting all the steps on a blog post so others can repeat the
steps that I make. You can find this blog post here
<https://jeroenverhoeckx.com/build-your-own-personal-cloud.html> (still
work in progress / draft).
Any help is appreciated! I searched on the internet but couldn't find
any good documentation for this specific problem.
Your sincerely,
Scott Trakker
--------------------------------------------------------
/Support the independent web, use //Firefox/
<https://www.mozilla.org/en-US/firefox/new/>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org