Avatar of sysautomation
 asked on

Apache Reverse Proxy

On a customer's request I have to create a reverse proxy for following URL on customer's server running Apache on CentOS 6.

URL of the back end is

I have added following lines in a virtualhost on Apache:

SSLProxyEngine          On
ProxyPass /
ProxyPassReverse /

But when I access http://mydomain/gateway/order.json I get "Bad Request Your browser sent a request that this server could not understand." . No errors in error_logs of Apache.

I would be thankful if someone can help.
LinuxApache Web ServerWeb Servers

Avatar of undefined
Last Comment
David Favor

8/22/2022 - Mon

You are using an ip in the proxy, the response points to the configuration on the web server that it does not have a way to determine what you are looking for.
This often is a setup where default website is not set, unless you request the correct hosted sore, you would get no information.

You have to use a specific name I.e sone reference.sonedomain.com
Once added, your rules will strip the URL to make sure the subsequent links will flow through the proxy.

The other issue, often reverse proxy protects an internal server from direct access, possible attack vector.
You are referencing a public ip, so a request will go over the wan to the ip, the response will flow back that will then be forwarded to the client who made the initial request.

You need to also add the certificate of the remote to your trusted list to avoid having issues.

ASKER alreday returns correct result therefore the default website is set and I have also tested replacing the IP with the hostname but it doesn't make any difference.

> You need to also add the certificate of the remote to your trusted list to avoid having issues.

Can you please tell me how can I download the certificate of the remote server and add to my trusted list?
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy

The IP, hostname when viewing the certificate match? You may have to disable certificate verification.
Oh, just looked at your configuration of the reverse proxy, you gave an error
Proxypass and proxypassreverse have to be mirror images of each other
Proxypass / https://destination
Proxypassreverse https://destination /

Look at the Apache logs, including error logs to see what the issue is.
You could potentially enable a more detailed logging before entering the reverse proxy, terminating after to see exactly what is being attempted and what is being received......

The ip has several certificates. The URL on the certificate is an alias yet to another domain/URL.

You might have settings/parameters that do not exist on other system and on these other system an error related to the certificate is the first thing presented.
David Favor

View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.