The goal is that external users can connect via HTTPS, go through basic auth on Apache and then view a proxies tomcat site.
I have set up a reverse proxy to a tomcat server running on the same machine on a different port with basic auth: (/etc/httpd/conf.d/vhost.conf)
NameVirtualHost *:80 <VirtualHost *:80> ServerName sub.domainx.co.uk ErrorLog "/var/log/proxy/domainx_prox_error_log" CustomLog "/var/log/proxy/domainx_prox_access_log" common ProxyRequests Off <Proxy *> Order deny,allow Deny from all Allow from all </Proxy> <Location /> AuthType Basic AuthName "Proxy Auth" AuthUserFile /var/www/syzygy-auth/CONFLUENCE/.htpasswd Require user ukuser Satisfy any Deny from all Allow from 192.168.0.0/21 </Location> ProxyPass / http://sub.domainx.co.uk:8090/ ProxyPassReverse / http://sub.domainx.co.uk:8090/ </VirtualHost>
The above works fine.
I then went about setting up mod_ssl on apache.
yum -y install mod_ssl
I then uploaded my wildcard ssl and made the dollowing changes to
uncommented: DocumentRoot "/var/www/html" uncommented/updated: ServerName www.server.world:443 SSLCertificateFile /etc/pki/tls/certs/server.crt SSLCertificateKeyFile /etc/pki/tls/certs/server.key
These changes appear to have had the desired effect.
I can not view index.html via HTTPS and HTTP proxies the tomcat server.
When I add an identical vhost but with the port changed to 443 no changes take affect.
When I added SSLProxyEngine On apache would not start.
I got the following in the proxy error logs:
Fatal error initialising mod_ssl, exiting. See /var/log/proxy/domainx_prox_error_log for more information Server should be SSL-aware but has no certificate configured