Reverse proxy with an internal https server

In my Reverse proxy of virtual hosts with apache 2 blog entry I showed how you can configure a reverse proxy. The only limitation is that the internal webserver must be http.

This limitation can be solved with 1 easy configuration line: SSLProxyEngine on.
All configuration lines needed to enable reverse proxy to an internal https servers are:

ProxyRequests off
SSLProxyEngine on
ProxyPass / https://blue.internal.x-tend.be/
ProxyPassReverse / https://blue.internal.x-tend.be/

If you want encryption between the clients on the internet and your proxy you have to configure you vhosts on the proxy to work with https. This doesn’t change anything about the reverse proxy configuration. You can still use both http and https on your internal connection.

This entry was posted on Tuesday, May 15th, 2007 at 14:03 and is filed under Linux SysAdmin. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

2 Comments

  1. Serge van Ginderachter said:
    August 24th, 2007

    Nice to know.How does the certificate check work on such a ‘double’ ssl proxied connection? What about self signed certificates?

  2. Joe said:
    October 22nd, 2007

    Good stuff about internal connection being https. What if I want the proxy to use an client cert to authenticate to the internal https server? Can this be done? Each server is authenticating to the other using a cert. Thanks.

Leave a Reply