Apache Reverse Proxy

On a customer's request I have to create a reverse proxy for following URL on customer's server running Apache on CentOS 6.

URL of the back end is https://94.57.252.195/gateway/order.json

I have added following lines in a virtualhost on Apache:

SSLProxyEngine          On
ProxyPass / https://94.57.252.195/
ProxyPassReverse / https://94.57.252.195/


But when I access http://mydomain/gateway/order.json I get "Bad Request Your browser sent a request that this server could not understand." . No errors in error_logs of Apache.

I would be thankful if someone can help.
sysautomationAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

arnoldCommented:
You are using an ip in the proxy, the response points to the configuration on the web server that it does not have a way to determine what you are looking for.
This often is a setup where default website is not set, unless you request the correct hosted sore, you would get no information.

You have to use a specific name I.e sone reference.sonedomain.com
Once added, your rules will strip the URL to make sure the subsequent links will flow through the proxy.

The other issue, often reverse proxy protects an internal server from direct access, possible attack vector.
You are referencing a public ip, so a request will go over the wan to the ip, the response will flow back that will then be forwarded to the client who made the initial request.
0
arnoldCommented:
You need to also add the certificate of the remote to your trusted list to avoid having issues.
0
sysautomationAuthor Commented:
https://94.57.252.195/gateway/order.json alreday returns correct result therefore the default website is set and I have also tested replacing the IP with the hostname but it doesn't make any difference.

> You need to also add the certificate of the remote to your trusted list to avoid having issues.

Can you please tell me how can I download the certificate of the remote server and add to my trusted list?
0
arnoldCommented:
The IP, hostname when viewing the certificate match? You may have to disable certificate verification.
Oh, just looked at your configuration of the reverse proxy, you gave an error
Proxypass and proxypassreverse have to be mirror images of each other
Proxypass / https://destination
Proxypassreverse https://destination /


Look at the Apache logs, including error logs to see what the issue is.
You could potentially enable a more detailed logging before entering the reverse proxy, terminating after to see exactly what is being attempted and what is being received......

The ip has several certificates. The URL on the certificate is an alias yet to another domain/URL.

You might have settings/parameters that do not exist on other system and on these other system an error related to the certificate is the first thing presented.
0
David FavorLinux/LXD/WordPress/Hosting SavantCommented:
You may think your setup is simple + setting up proxies can be more complex than you might imagine.

Post your real URLs, so people can run tools to test your config + likely you'll have many useful answers.

Difficult to answer this type of question with theoretical domain names in URLs.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Linux

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.