Search code examples
apachereverse-proxy

Apache reverse proxy for HTTPS to HTTP

I'm trying to set up a reverse proxy to redirect https request to HTTP URL. I've a java application which brings up tomcat and hosts some services on that tomcat instance.

Another application will be invoking these services using https and this should be redirected http url. Below is the proxy config that I did.

Enabled mod_ssl.so,mod_proxy.so and mod_proxy_http.so modules in httpd.conf. And also added below IFModule to same file.

<IfModule ssl_module>
        Listen 443
</IfModule>

Below is the content of vhosts.conf file.

<VirtualHost *:443>
        ServerName domain.name.com
        ServerAdmin admin@domain.com
        DocumentRoot C:/Apache24/htdocs

    #    ErrorLog ${APACHE_LOG_DIR}/error.log
     #   CustomLog ${APACHE_LOG_DIR}/access.log combined

        SSLEngine On
        SSLCertificateFile /certificate_path
        SSLCertificateKeyFile /privatekey_path
        SSLCertificateChainFile /chain_cert_path

        AllowEncodedSlashes NoDecode
        RequestHeader set X-Forwarded-Proto "https"
        RequestHeader set X-Forwarded-Port "443"

        ProxyRequests Off
        <Proxy *>
            AddDefaultCharset Off
            Order deny,allow
            Allow from all
        </Proxy>

        RedirectMatch ^/metadata-agent$ /metadata-agent/
        ProxyPass /metadata-agent/ http://localhost:8084/ nocanon
        ProxyPassReverse /metadata-agent/ http://localhost:8084/

        RedirectMatch ^/tdv$ /tdv/
        ProxyPass /tdv/ http://localhost:9400/ nocanon
        ProxyPassReverse /tdv/ http://localhost:9400/

        ProxyErrorOverride Off
        ProxyPassReverseCookieDomain domain.name.com localhost
        ProxyPassReverseCookiePath / /
        ProxyPreserveHost on

        SSLProxyEngine On
        SSLProxyCheckPeerCN off
        SSLProxyCheckPeerExpire off

</VirtualHost>

I've tried all the possible answers available in SOF. But nothing is working. I'm getting a response with the below URL:

http://localhost:8084/tdv-soap/datasource/all

when I'm replacing it with https://domain.name.com/tdv-soap/datasource/all, getting the error "server can't be reached". I've also mapped localhost to domain name in hosts file.

Any help is highly appreciated.

Solution

  • The issue was with the proxy pass. I've made the Corrections mentioned below.

    Before Correction:

    RedirectMatch ^/metadata-agent$ /metadata-agent/
ProxyPass /metadata-agent/ http://localhost:8084/ nocanon
ProxyPassReverse /metadata-agent/ http://localhost:8084/

RedirectMatch ^/tdv$ /tdv/
ProxyPass /tdv/ http://localhost:9400/ nocanon
ProxyPassReverse /tdv/ http://localhost:9400/

    After Correction:

    RedirectMatch ^/metadata-agent$ /metadata-agent/
ProxyPass / http://localhost:8084/ nocanon
ProxyPassReverse / http://localhost:8084/

RedirectMatch ^/tdv$ /tdv/
ProxyPass / http://localhost:9400/ nocanon
ProxyPassReverse / http://localhost:9400/

    This has resolved the issue.