Apache reverse proxy set up SSL certificate

Question

We need to set up a secure certificate on an Apache reverse proxy. We've been advised that we need to use a virtual host directive.

I've looked these up in the O'Reilly book bit can't find any examples that pick up https specifically.

Does anyone have any examples of config snippets to do this?

Answer 1

I'm not exactly sure what you are asking for, but there are multiple things you need. For example, you need to get a SSL certificate, then you need to install mod_ssl into your Apache. I suggest you install it using your system's package manager, etc..

This is an example virtualhost:

<VirtualHost IP.ADDRESS.HERE:443>
   DocumentRoot /web/domain.com/www/htdocs

   ServerName www.domain.com
   ServerAdmin server@domain.com

   SSLEngine on
   SSLCertificateFile /usr/local/etc/apache/ssl.crt/www.domain.com.crt
   SSLCertificateKeyFile /usr/local/etc/apache/ssl.key/www.domain.com.key

   ErrorLog "/var/logs/domain.com/error_log"
   CustomLog "|/usr/local/sbin/cronolog /var/logs/domain.com/%Y/%m/access_log" combined
</VirtualHost>

A proxy configuration inside the <VirtualHost /> can look different. This assumes that the domain points to a directory on your server, but what you do inside <VirtualHost /> is up to you.

As I said, I also had to install ssl into Apache, to load the module I needed the following:

LoadModule ssl_module libexec/apache/libssl.so
...
AddModule mod_ssl.c

And that's basically it. Let me know if you need more pointers. In case, it also helps if you tell us if you run Apache 1.3 or 2.x.

Answer 2

Not sure if this is what you're after, but I used something like the following in the past:

<IfModule mod_ssl.c>
    SSLProxyEngine On
    ProxyPreserveHost On
    RewriteRule ^/whatever(.*)$       https://otherhost/whatever$1  [P]
</IfModule>

I needed to proxy secure content from another host, and that's what we ended up using. Works fine, and has for some time now. Does that sort of cover what you're looking for?