On the old instance, represented in these files by prodweb01, ssl.conf and rewrite.conf were included from httpd.conf
On the new instance represented by testweb01, nss.conf and rewrite.conf are included from httpd.conf, and ssl.conf is no longer used. You'll see that there was an attempt to move all of the RewriteRules from the ssl.conf in the old instance to ProxyPass statements in nss.conf. I'm assuming you are correct that something is not correct with these rules. Thanks, Larry Cohen On Tue, Jun 16, 2015 at 1:36 PM, Cohen, Laurence <[email protected]> wrote: > I am most definitely confused. :-) > > I'm gathering and sanitizing configuration files now. > > Thanks, > > Larry > > On Tue, Jun 16, 2015 at 1:26 PM, Christopher Schultz < > [email protected]> wrote: > >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA256 >> >> Laurence, >> >> On 6/16/15 1:02 PM, Cohen, Laurence wrote: >> > Thanks for everyone's response. to Andre' Warnier, yes. There are >> > many ProxyPass statements in nss.conf on the Apache webserver. >> > They appear to have taken the place of redirect statements in >> > ssl.conf, which is no longer in use. >> >> I think you may be confused. mod_nss looks like a replacement for >> mod_ssl, which means it's only being used for connections coming >> *into* the Apache httpd process -- probably from clients. >> >> Yes, mod_ssl is also used to handle HTTPS going *out* through >> mod_proxy, but you say that's working, right? >> >> mod_ssl doesn't have any "redirect" configuration. If you had >> "Redirect [something]" then it was using mod_alias, and that has >> nothing to do with either mod_nss (nee mod_ssl) or whatever module you >> are using to proxy from httpd to Tomcat (probably mod_proxy_http). >> >> > Your configuration assumption is correct, except that the users >> > will connect to the webserver on port 80 and port 443, and it is >> > invisible to them where they are going on the app server. >> >> Assuming that mod_nss can service mod_proxy_http just as mod_ssl was >> able to in the past, then you should have to change nothing in your >> configuration. >> >> My guess is that your ProxyPass directives for the :80 VirtualHost >> were somehow damaged in the switch-over. >> >> Can you show us the :443 configuration versus the :80 configuration in >> terms of ProxyPass and ProxyPassReverse directives? >> >> - -chris >> -----BEGIN PGP SIGNATURE----- >> Comment: GPGTools - http://gpgtools.org >> >> iQIcBAEBCAAGBQJVgFwtAAoJEBzwKT+lPKRYuU8P/Ao9G5qfkl3b/vWgG4rP2ooW >> 4rN+I7L7p3aNGp5GXylfPh04B7R3+Lc0OS82lZvRlDP0UWCEBChA4j+JIBddIqXG >> exiOHS7lZLEpduZuWr0cK3/DpcA1KcF9xQYjji2SdxfyiYiZPY7WepXd/Fm6gs0a >> rp7f8WpGl5onhDRz0KKGmZK0YJbhMr8JwlrdeKolUlpeG8s9pmFiccQgN+QVhmJL >> yv6sGcrxoBBZAnG+1MbUzHAh2SXvjaBVXessf5L/w8ttCXWb3a6KcuZp+RJwTLZ9 >> FYO+DPlfGIP5FM9+8YL8CtF39D0SGM+4Uz93hHJr37eVVRmSxVj7zDgnT3OdGfe1 >> zjanRi4abrrMeXWQG1KsUgqS8u5iq/+FC9s6+i5iSt6cRRQQHwWH5337U85s3SPB >> +XrjXdbLpdTe6pZz2AJ9htXOwO/o0b0sO7vVls9r4F7gSPbnnETyk/jWjcVbRClb >> zPPR2rF4/XNDy3mCmid2dMoIpk2IrTxTt1tP9gPf0ZNl0JFeWSZrpY8EJhd5lyZs >> CGJDKBph3BLgfmHV5yj/lZXwqW63RTuWluVfliVnDo7LEkTMa424yTaF68XBpRWL >> mic2/HKVvrqn9CypeOhrJ9SmDer/xJ8lZWUP5DMijuYJaTbgDcCQEIcj2pVBR5O/ >> RpQ2KXVnBjLHYdoFGpSD >> =YmrV >> -----END PGP SIGNATURE----- >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [email protected] >> For additional commands, e-mail: [email protected] >> >> >
--------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
