Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Reverse Proxy with SSL

Status
Not open for further replies.
Roadstone

Roadstone

Technical User
Apr 24, 2002
24
0
0
GB
Hi all

I hope someone can help out with this one. I'm currently running Apache 2.0.49 with OpenSSL 0.9.7a, to reverse proxy our Lotus iNotes server on our internal network. My DMZ server is running Redhat Fedora 2. For this posting - I've given the iNotes Server an IP of 100.0.0.1 and the Reverse Proxy server 192.168.1.1. The idea is that clients will establish a SSL encrypted session with the proxy server in the DMZ, which will then serve the iNotes application back to the client, hiding the details of the iNotes server.

In my ssl.conf file on the DMZ server, I have configured the virtual host as shown below.

Listen 443
Servername host.domain.com
ProxyRequests Off
ProxyPass / http:100.0.0.1
ProxyPassReverse /
Every thing seems to work well at first. I establish an SSL session from the client, accept the cerificate and the first thing I see is the home page of the iNotes server. The browser shows the address as (which is great as that's what it should be doing!). The problem comes in when I try logging onto my mailbox. The browser returns the IP address of the iNotes server and the SSL session is closed (
From what I can see, my ProxyPass and ProxyPassReverse directives should prevent this from happening. Any ideas where I might be going wrong?

Cheers
 
Sort by date Sort by votes
Hi,
Your SSL session break down because the connection to your mailbox is another one out of your SSL session. Perhaps you can redirect this request on your iNotes server to your proxy.....

I will tell you how to do this next time

Good luck
 
Upvote 0 Downvote
Isn't the following incorrect?

Listen 443
Servername host.domain.com
ProxyRequests Off
ProxyPass / http:100.0.0.1
ProxyPassReverse /


This should be:

Listen 443
Servername host.domain.com
ProxyRequests Off
ProxyPass / http:100.0.0.1
ProxyPassReverse /
 
Upvote 0 Downvote
Hi,

I'm aggree with you...
I think that The second conf is good..
Sorry for my carefuless
Thanks
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

KannaChan
  • Locked
  • Question
TLS1.2 and TLS1.0 proxy in same Virtualhost
Replies
1
Views
67
ChrisHirst
ChrisHirst
harro1968
  • Locked
  • Question
Help with ProxyPass
Replies
0
Views
47
harro1968
harro1968
CecilXavier
  • Locked
  • Question
RHEL IDM with Radius not authenticating
Replies
0
Views
70
CecilXavier
CecilXavier
mjj4golf2
  • Locked
  • Question
Help with setting up a media server
Replies
2
Views
81
vacunita
vacunita
bhaberman
  • Locked
  • Question
SSL_ERROR_NO_CYPHER_OVERLAP
Replies
2
Views
57
ChrisHirst
ChrisHirst

Part and Inventory Search

Sponsor

Back
Top