| ... |
... |
@@ -18,4
+18,43 @@ |
| 18 |
18 |
|
| 19 |
19 |
For the correct configuration of an Apache server, which acts as a reverse proxy, two points are relevant and have to be stored e.g. in the configuration of the VirtualHosts: |
| 20 |
20 |
|
| 21 |
|
-1. The instruction {{{code language="none"}}}ProxyPreserveHost On{{{/code}} to get the originally called //Host// header 1. The separation of the individual protocols and its usage when forwarding to the application server. This means that for //HTTP// and //HTTPS// a separate VirtualHost with appropriate configuration must be used. This configuration, as well as any settings that may be necessary when using self-generated certificates, is briefly illustrated here: ((( {{code language="none"}} <VirtualHost www.example.com:80> ... # Enables retention of the originally called host up to the application server. ProxyPreserveHost On ... # Forwarding via HTTP ProxyPass / http://192.168.0.1/ ProxyPassReverse / http://192.168.0.1/ </VirtualHost> <IfModule mod_ssl.c> <VirtualHost www.example.com:443> ... SSLEngine on SSLProxyEngine On ... # Enables retention of the originally called host up to the application server. ProxyPreserveHost On # Deactivates the certificate check of the application server if necessary. # Necessary if the certificates are self-created. SSLProxyVerify none SSLProxyCheckPeerCN off SSLProxyCheckPeerName off SSLProxyCheckPeerExpire off ... # Forwarding via HTTPS ProxyPass / https://192.168.0.1/ ProxyPassReverse / https://192.168.0.1/ </VirtualHost> </IfModule> {{/code}} )))}}} |
|
21 |
+1. The instruction {{{code language="none"}}}ProxyPreserveHost On{{{/code}} to get the originally called //Host// header |
|
22 |
+1. The separation of the individual protocols and its usage when forwarding to the application server. This means that for //HTTP// and //HTTPS// a separate VirtualHost with appropriate configuration must be used. |
|
23 |
+ |
|
24 |
+This configuration, as well as any settings that may be necessary when using self-generated certificates, is briefly illustrated here: |
|
25 |
+ |
|
26 |
+((( |
|
27 |
+{{code language="none"}} |
|
28 |
+<VirtualHost www.example.com:80> |
|
29 |
+ ... |
|
30 |
+ # Enables retention of the originally called host up to the application server. |
|
31 |
+ ProxyPreserveHost On |
|
32 |
+ ... |
|
33 |
+ # Forwarding via HTTP |
|
34 |
+ ProxyPass / http://192.168.0.1/ |
|
35 |
+ ProxyPassReverse / http://192.168.0.1/ |
|
36 |
+</VirtualHost> |
|
37 |
+ |
|
38 |
+<IfModule mod_ssl.c> |
|
39 |
+ <VirtualHost www.example.com:443> |
|
40 |
+ ... |
|
41 |
+ SSLEngine on |
|
42 |
+ SSLProxyEngine On |
|
43 |
+ ... |
|
44 |
+ # Enables retention of the originally called host up to the application server. |
|
45 |
+ ProxyPreserveHost On |
|
46 |
+ |
|
47 |
+ # Deactivates the certificate check of the application server if necessary. |
|
48 |
+ # Necessary if the certificates are self-created. |
|
49 |
+ SSLProxyVerify none |
|
50 |
+ SSLProxyCheckPeerCN off |
|
51 |
+ SSLProxyCheckPeerName off |
|
52 |
+ SSLProxyCheckPeerExpire off |
|
53 |
+ ... |
|
54 |
+ # Forwarding via HTTPS |
|
55 |
+ ProxyPass / https://192.168.0.1/ |
|
56 |
+ ProxyPassReverse / https://192.168.0.1/ |
|
57 |
+ </VirtualHost> |
|
58 |
+</IfModule> |
|
59 |
+{{/code}} |
|
60 |
+))) |