Apache Reverse Proxy With SSL

Question

Is it possbile to reverse proxy to internal server via HTTPS and serve the certificate from the backend server instead of the certificate on the proxy?

Answer 1

I believe that this cannot be done as it would allow for man in the middle attacks

Answer 2

konqi> That's pretty much the reverse proxy configuration I've been using for years, with a rewrite rule instead of proxy directives which did not work well here.

RewriteEngine On
# is the virtualhost in the allowed server list ?
RewriteCond %{SERVERNAME} ^(server1|server2|server3|server4)\.domain\.com$
# then redirect to the real server (which the virtualhost name resolves to on the proxy)
RewriteRule ^/(.*)$ https://%{SERVER_NAME}/$1 [P]
# else block it all
RewriteRule ^.*$ - [F]

Plain and simple.

Answer 3

Found this configuration as followed:

• You have ONE Domain example.com with different subdomains as VHOSTs (one.example.com, two.example.com, ..)
• You have a Wildcard-Certificate for your domain *.example.com
• You need mod_proxy
• with Proxy directives works for different servernames matching *.example.com
• If there are not other webservers behind the proxy, add without SSL for your domains which are the proxied in the VirtualHost:443 configuration above.

Hot chick! Couldn't believe that this works, but it seems to! Not found any specification to that behaviour, but try yourself.

With kind regards, ~Marcel

P.S: NOT regarding any security doubts here! Please keep in mind that these proxy calls to the "backend" are unsecured and therefore (as like mentioned by Rob) potentially dangerous!