Solved

Apache multiple reverse proxy different ip's

Posted on 2012-04-10
3
469 Views
Last Modified: 2012-04-19
I have two websites that each have their own ip and certificates.

Does anyone have a template so I can reverse proxy to these websites with the proper certificate and ip? or is that even possible from one apache server?

For example:

www.domain1.com  192.168.1.2  internal proxied ip 192.100.1.2
www.domain2.com  10.10.1.2  internal proxied ip 10.100.1.2

They both must be reachable as a root site from the internet with their https cert.

As it stands now I can add one or the other, didnt know how to add both.


Here is a snapshot of one set of apache configs.  Not sure how to turn this into two sites.

It does work as one site just fine.

httpd.conf

<VirtualHost *:80>
        ServerName 192.168.1.2
        Redirect permanent / https://192.168.1.2/
</VirtualHost>


httpd-ssl.conf

# more httpd-ssl.conf
Listen 443
#

<VirtualHost _default_:443>
        SSLEngine on
        DocumentRoot "/opt/hpws22/apache/htdocs"
        ServerName SERVER:443
        ServerAdmin www@SERVER
        ErrorLog "/opt/hpws22/apache/logs/error_log"
        TransferLog "/opt/hpws22/apache/logs/access_log"
        #
        SSLCertificateFile /opt/hpws22/apache/conf/certs/DOMAIN1/www.domain1.com.crt
        SSLCertificateKeyFile "/opt/hpws22/apache/conf/certs/DOMAIN1/www.domain1.com.key"
        SSLCertificateChainFile "/opt/hpws22/apache/conf/certs/DOMAIN1/SSLCACertificate.crt"
        SSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM
        SSLProtocol -all +SSLv3 +TLSv1
        #
        <FilesMatch "\.(cgi|shtml|phtml|php)$">
            SSLOptions +StdEnvVars
        </FilesMatch>
        <Directory "/opt/hpws22/apache/cgi-bin">
            SSLOptions +StdEnvVars
        </Directory>
        #
        ProxyPass / http://192.168.100.2:9080/
        ProxyPassReverse / http://192.168.100.2:9080/
        #
        BrowserMatch ".*MSIE.*" \
                 nokeepalive ssl-unclean-shutdown \
                 downgrade-1.0 force-response-1.0
        CustomLog "/opt/hpws22/apache/logs/ssl_request_log" \
                  "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>                                  
#
0
Comment
Question by:meleehunt
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 51

Accepted Solution

by:
ahoffmann earned 500 total points
ID: 37831612
# following configuration should do the trick:

Listen 192.168.1.2:443
Listen  10.10.1.2 :443
# NameVirtualHost

<VirtualHost 192.168.1.2:443>
...

<VirtualHost 10.10.1.2 :443>
...
0
 

Author Comment

by:meleehunt
ID: 37852033
Thank you trying to get it to work with two different certs ( 1 for each site )
0
 

Author Closing Comment

by:meleehunt
ID: 37867891
I couldnt get more than one cert to work if they were different.  But that could be just me.
0

Featured Post

Forrester Webinar: xMatters Delivers 261% ROI

Guest speaker Dean Davison, Forrester Principal Consultant, explains how a Fortune 500 communication company using xMatters found these results: Achieved a 261% ROI, Experienced $753,280 in net present value benefits over 3 years and Reduced MTTR by 91% for tier 1 incidents.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As Wikipedia explains 'robots.txt' as -- the robot exclusion standard, also known as the Robots Exclusion Protocol or robots.txt protocol, is a convention to prevent cooperating web spiders and other web robots from accessing all or part of a websit…
Introduction This article is intended for those who are new to PHP error handling (https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html).  It addresses one of the most common problems that plague beginning PHP develop…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question