mod_proxy by URL acting weird

Posted on 2012-09-02
Last Modified: 2012-09-21
Hi Guys i hope  someone can help me

I Have an apache server that his main funtion is to do reverse proxy

we have a jboss as 7 with liferay and in the same box aN apache server; everything running on a RHEL 6.2 Server

We tried to make that apache server handled the certificates, but after some research i found that jobss and apache need to have certificat to works fine.

At this moment Jboss has certificates enabled listening on port 8443

My https on the apache is running on port 8181, the reason is that firewall forward al request from port 443 to the server  port 8181

The configuration i have works fine if everything is by ip, but if i use url the login part is the one is not workin; becuase after login it keeps by http and not https even that the action of login call to the https.

Login by IP
Works fine, the login action calls to https; authetication is done  using https ( i got the certificate) and next page after authentication still by htts

Login using URL

Login action calls to https , the authentication is done https ( becuase it show me the certificate), but when the portal show me the next page it show it as http  

This is my httpd.conf file

<VirtualHost *:8181>

ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel debug

SSLEngine on
SSLProxyEngine On

SSLCertificateFile /var/tmp/sfp.crt
SSLCertificateKeyFile /var/tmp/sfp.key

ProxyRequests Off
ProxyPreserveHost On
ProxyPass / connectiontimeout=300 timeout=300
ProxyPassReverse / keepalive=On


ProxyRequests On
ProxyPreserveHost On
ProxyVia full
ProxyPass / keepalive=On
ProxyPassReverse / keepalive=On

  Any idea

what is happening ?
Question by:Pepe2323
    LVL 8

    Author Comment

    since this question has been assigned to DNS topic i will update with more info.

    this is DEV server and i don't have dns working on that what we have been doing is chaning the /etc/hosts file to point to ip.ip.ip.ip on the server and also on our local computers

    I have made test using the public ip and the internal ip and both face the same issue when i use

    Architecture  using Public ip

    Client ---- > Firewall -----> apache ----> App server

    Firewall listen on regular ports (80 and 443), apache listen on ( 8080 for http and 8181 for https) and app server listen ( 8081 for http and 8443 for https)

    Architecture  using internal ip

    Client -----> Apache ---> App server

    I hope this help to find a solution
    LVL 51

    Expert Comment

    does your login page redirect to a proper IP or FQDN? can you please post the URL to be redirected to
    LVL 8

    Author Comment

    At this moment i'm not able to get the exact url, someone did a mess on the server and crashed so they are working on the restore process.

    i'm gonna try to explain your question i hope will be understandable.

    i have done severl tests

    usgin public ip

    on my client browser i type http://200.x.x.x

    Action button  login calls to https://200.x.x.x/Guest/home ( i checked this using firebug)

    As soon as i push it, it show me the certificate,  and next page it been show also by https

    Conclusion by ip is working fine.

    Test 2:

    using url

    As i said there is not dns for this dev server, so in my hosts file i defined
    as the public ip 200.x.x.x; i did on ther client computer and in the server.

    Action of the login calls to

    i can access by http using , when i type my login and password and push "login" button it show me the certificate, but the next page that after login show with http; the ur it show is like

    Conclusion: my guess something after the login when i use url, is calling for the next page without the https.

    I wonder what is the difference on the process when i use url than when i use ip

    If you need the exacts urls when i use ip and when i use url i will get it but i will take me sometime; need to wait the server being restored again.
    LVL 51

    Expert Comment

    please check with firebug if you get this redirect from the server (some 30x response) or if the redirect is inside the HTML (meta tag or javascript)
    LVL 26

    Accepted Solution


    There's some info on the Liferay site, as to how to enforce HTTPS usin mod_proxy (rewrite rules for your plain HTTP virtual host).  See: "Secure form post"

    Anyway a simpler and more efficient solution would be to terminate the SSL conversation at the Apache layer and simply use  AJP (mod_jk) to connect to your Jboss instance. Seeing both are on the same physical server the security risks are minimal,


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Looking for New Ways to Advertise?

    Engage with tech pros in our community with native advertising, as a Vendor Expert, and more.

    One of the typical problems I have experienced is when you have to move a web server from one hosting site to another. You normally prepare all on the new host, transfer the site, change DNS and cross your fingers hoping all will be ok on new server…
    Periodically we have to update or add SSL certificates for customers. Depending upon your hosting plan you may be responsible for the installation and/or key generation. In the wake of Heartbleed many sites were forced to re-key. We will concen…
    Internet Business Fax to Email Made Easy - With eFax Corporate (, you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
    This video discusses moving either the default database or any database to a new volume.

    758 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    13 Experts available now in Live!

    Get 1:1 Help Now