Hello Frank,
Thank you very much for your feedback!
If I understood your points correctly, the configuration file should look like
this:
ServerName localhost
DocumentRoot /var/www/html/
<VirtualHost *:80 >
ServerName [your.domain.com]
RewriteEngine on
RewriteCond %{SERVER_NAME} =[your.domain.com]
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<VirtualHost *:443 >
ServerName [your.domain.com]
ProxyPreserveHost On
ProxyPass / [http://](http://192.168.122.246/)[IP address virtual
machine][/](http://192.168.122.246/)
ProxyPassReverse / [http://](http://192.168.122.246/)[IP address virtual
machine][/](http://192.168.122.246/)
SSLEngine on
SSLCertificateFile
/etc/letsencrypt/live/[your.domain.com][/fullchain.pem](http://nextcloud.jeroenverhoeckx.com/fullchain.pem)
SSLCertificateKeyFile
/etc/letsencrypt/live/[your.domain.com][/privkey.pem](http://nextcloud.jeroenverhoeckx.com/privkey.pem)
Include /etc/letsencrypt/options-ssl-apache.conf
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=15552000;
includeSubDomains"
</IfModule>
</VirtualHost>
The directive SSLEngine is also in the file options-ssl-apache.conf but I added
it so it's clear that it should be there.
> For the future, do use example.tld instead of someone else's domain name.
You mean that the domain 'domain.com' is already registered?
- Scott Trakker
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Thursday, August 26th, 2021 at 12:15 AM, Frank Gingras <thu...@apache.org>
wrote:
> This is wrong, actually. Here are the problems:
>
> 1) You should redirect to https:// from the :80 vhost, and nothing else
> 2) You should only proxy to your backend in your :443 vhost
> 3) If you proxy to http://, you don't need SSLProxyEngine on
> 4) A :443 vhost requires SSLEngine on, but you likely have it in your
> included file
>
> For the future, do use example.tld instead of someone else's domain name.
>
> On Mon, 23 Aug 2021 at 14:35, Scott Trakker
> <scott.trak...@protonmail.com.invalid> wrote:
>
>> I found the solution to my problem!
>>
>> If you want to configure a reverse proxy with HTTPS you have to install the
>> SSL-certificates on the host (and not in the remote server or virtual
>> machine)!
>>
>> This is the final virtual hosts file:
>>
>> ServerName localhost
>> DocumentRoot /var/www/html/
>>
>> <VirtualHost *:80 >
>> ServerName [your.domain.com]
>> ProxyPreserveHost On
>> ProxyPass / http://[IP address virtual machine]/
>> ProxyPassReverse / http://[IP address virtual machine]/
>> RewriteEngine on
>> RewriteCond %{SERVER_NAME} =[your.domain.com]
>> RewriteRule ^
>> [https://%{SERVER_NAME}%{REQUEST_URI](https://%%7BSERVER_NAME%7D%%7BREQUEST_URI)}
>> [END,NE,R=permanent]
>> </VirtualHost>
>>
>> <VirtualHost *:443 >
>> ServerName [your.domain.com]
>> SSLProxyEngine on
>> ProxyPreserveHost On
>> ProxyPass / http://[IP address virtual machine]/
>> ProxyPassReverse / http://[IP address virtual machine]/
>> SSLCertificateFile /etc/letsencrypt/live/[your.domain.com]/fullchain.pem
>> SSLCertificateKeyFile /etc/letsencrypt/live/[your.domain.com]/privkey.pem
>> Include /etc/letsencrypt/options-ssl-apache.conf
>> </VirtualHost>
>>
>> For the installation of the SSL-certificate I used Let's Encrypt. No need to
>> use any other third-party software!
>>
>> All the steps that I made, can be found here:
>> https://jeroenverhoeckx.com/build-your-own-personal-cloud.html
>>
>> --------------------------------------------------------
>> Support the independent web, use
>> [Firefox](https://www.mozilla.org/en-US/firefox/new/)
