Solved

Apache multiple reverse proxy different ip's

Posted on 2012-04-10
3
453 Views
Last Modified: 2012-04-19
I have two websites that each have their own ip and certificates.

Does anyone have a template so I can reverse proxy to these websites with the proper certificate and ip? or is that even possible from one apache server?

For example:

www.domain1.com  192.168.1.2  internal proxied ip 192.100.1.2
www.domain2.com  10.10.1.2  internal proxied ip 10.100.1.2

They both must be reachable as a root site from the internet with their https cert.

As it stands now I can add one or the other, didnt know how to add both.


Here is a snapshot of one set of apache configs.  Not sure how to turn this into two sites.

It does work as one site just fine.

httpd.conf

<VirtualHost *:80>
        ServerName 192.168.1.2
        Redirect permanent / https://192.168.1.2/
</VirtualHost>


httpd-ssl.conf

# more httpd-ssl.conf
Listen 443
#

<VirtualHost _default_:443>
        SSLEngine on
        DocumentRoot "/opt/hpws22/apache/htdocs"
        ServerName SERVER:443
        ServerAdmin www@SERVER
        ErrorLog "/opt/hpws22/apache/logs/error_log"
        TransferLog "/opt/hpws22/apache/logs/access_log"
        #
        SSLCertificateFile /opt/hpws22/apache/conf/certs/DOMAIN1/www.domain1.com.crt
        SSLCertificateKeyFile "/opt/hpws22/apache/conf/certs/DOMAIN1/www.domain1.com.key"
        SSLCertificateChainFile "/opt/hpws22/apache/conf/certs/DOMAIN1/SSLCACertificate.crt"
        SSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM
        SSLProtocol -all +SSLv3 +TLSv1
        #
        <FilesMatch "\.(cgi|shtml|phtml|php)$">
            SSLOptions +StdEnvVars
        </FilesMatch>
        <Directory "/opt/hpws22/apache/cgi-bin">
            SSLOptions +StdEnvVars
        </Directory>
        #
        ProxyPass / http://192.168.100.2:9080/
        ProxyPassReverse / http://192.168.100.2:9080/
        #
        BrowserMatch ".*MSIE.*" \
                 nokeepalive ssl-unclean-shutdown \
                 downgrade-1.0 force-response-1.0
        CustomLog "/opt/hpws22/apache/logs/ssl_request_log" \
                  "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>                                  
#
0
Comment
Question by:meleehunt
  • 2
3 Comments
 
LVL 51

Accepted Solution

by:
ahoffmann earned 500 total points
ID: 37831612
# following configuration should do the trick:

Listen 192.168.1.2:443
Listen  10.10.1.2 :443
# NameVirtualHost

<VirtualHost 192.168.1.2:443>
...

<VirtualHost 10.10.1.2 :443>
...
0
 

Author Comment

by:meleehunt
ID: 37852033
Thank you trying to get it to work with two different certs ( 1 for each site )
0
 

Author Closing Comment

by:meleehunt
ID: 37867891
I couldnt get more than one cert to work if they were different.  But that could be just me.
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Redirect all pages to one specific page 1 120
Problem to get function 52 106
Change local server setting in php 6 87
HHTP and HTTPS redirect question 3 110
Hi, in this article I'm going to teach you how to run your own site, and how to let people in (without IP). I'll talk about and explain each step... :) By the way, everything in this Tutorial is completely free and legal. This article is for …
In Solr 4.0 it is possible to atomically (or partially) update individual fields in a document. This article will show the operations possible for atomic updating as well as setting up your Solr instance to be able to perform the actions. One major …
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question