Apache 2 SSL Proxy

Posted on September 17, 2009 by Jianming Li

Configuration

Edit httpd.conf

LoadModule ssl_module modules/mod_ssl.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_http_module modules/mod_proxy_http.so
 
Listen 443
NameVirtualHost *:443
<VirtualHost *:443>
  ServerName http://localhost
  # Serving https
  SSLEngine on
  SSLCertificateFile C:/certs/localhost.cer
  SSLCertificateKeyFile C:/localhost.key
 
  ProxyRequests Off
 
  <Proxy *>
    Order deny,allow
    Allow from all
  </Proxy>
 
  SSLProxyEngine on
  SSLProxyCACertificateFile       "C:/certs/cacert.pem"
  # Need BOTH public key AND unencrypted private key:
  SSLProxyMachineCertificateFile  "C:/certs/localhost_privatekey_publickey.txt"
  SSLProxyVerifyDepth             10
  SSLProxyVerify                  none
 
  # Proxy to app1.my.com:8080
  ProxyPass /app1/ https://app1.my.com:8080/
  ProxyPassReverse /app1/ https://app1.my.com:8080/
</VirtualHost>

Troubleshooting

incomplete client cert configured for SSL proxy (missing or encrypted private key?)

* Need BOTH public key AND unencrypted private key pasted together

SSLProxyMachineCertificateFile  "C:/certs/localhost_privatekey_publickey.txt"

This entry was posted in apache, ssl. Bookmark the permalink.