Redirecting and proxying through ssl

I'm in charge of a box here that's running multiple apache servers.
I run the front end servers which handle the front end and proxying.
The third apache server is run by another group and interfaces with
backend databases and other apps.

Here's what everying does:

1. Server1 runs on port 80 and redirects all traffic to port 443 as https
2. Server2 runs on port 443 does nothing but proxy to the third server
running on port 7900
3. Server3 interfaces with a bunch of apps. I can't touch it.

I want to combine the first two servers. I want one apache server that
redirects all port 80 http traffic to port 443 https traffic and then
proxies everything through SSL to the server on port 7900.

Is this possible? Right now when I try to combine a Rewrite for port 80 with
a proxy on 443 the proxy takes over all traffic before the rewrite can trigger.

I've tried putting the rewrite and the proxy in seperate virtual hosts with
no luck either.

--
Michael Alberghini
Software Systems Engineer
Georgia State University
mike@gsu.edu
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

Re: Redirecting and proxying through ssl

Hi Mike,

I use the setup you want quite a lot (All cmds left in
but some altered)...

Listen XXXXXX:80

DocumentRoot "/usr/docs"
ServerName webserver.net
ServerAdmin websupport@????

CustomLog ......

RewriteEngine On
RewriteLog logs/rewrite.log
RewriteLogLevel 0
RewriteRule /(.*) https://webserver.net/$1 [R=301]


Listen XXXXXX:443

DocumentRoot "/usr/docs"
ServerName webserver.net
ServerAdmin websupport@webserver.net

CustomLog ......

SSLEngine on
SSLCipherSuite
ALL:!ADH:!EXP56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
SSLCertificateFile /apache/somthing.crt
SSLCertificateKeyFile /apache/something.key
SSLCACertificateFile /apache/CA.crt

SetEnvIf User-Agent ".*MSIE.*" ssl-unclean-shutdown

RewriteEngine On
RewriteLog logs/rewrite.log
RewriteLogLevel 0
RewriteRule /(.*) http://webserver.net:7900/$1 [P]
ProxyPassReverse / http://webserver.net:7900/



This definately works as have about 50 servers doing
this (may need to check the ProxyPassReverse line).

Regards
Matt

--- Mike Alberghini wrote:
> I'm in charge of a box here that's running multiple
> apache servers.
> I run the front end servers which handle the front
> end and proxying.
> The third apache server is run by another group and
> interfaces with
> backend databases and other apps.
>
> Here's what everying does:
>
> 1. Server1 runs on port 80 and redirects all
> traffic to port 443 as https
> 2. Server2 runs on port 443 does nothing but proxy
> to the third server
> running on port 7900
> 3. Server3 interfaces with a bunch of apps. I
> can't touch it.
>
> I want to combine the first two servers. I want one
> apache server that
> redirects all port 80 http traffic to port 443 https
> traffic and then
> proxies everything through SSL to the server on port
> 7900.
>
> Is this possible? Right now when I try to combine a
> Rewrite for port 80 with
> a proxy on 443 the proxy takes over all traffic
> before the rewrite can trigger.
>
> I've tried putting the rewrite and the proxy in
> seperate virtual hosts with
> no luck either.
>
> --
> Michael Alberghini
> Software Systems Engineer
> Georgia State University
> mike@gsu.edu
>
____________________________________________________________ __________
> Apache Interface to OpenSSL (mod_ssl)
> www.modssl.org
> User Support Mailing List
> modssl-users@modssl.org
> Automated List Manager
majordomo@modssl.org


__________________________________
Do you Yahoo!?
Get better spam protection with Yahoo! Mail.
http://antispam.yahoo.com/tools
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org