0

HTTPS is HTTP over SSL. I have an Apache server running on a machine in order to publish a Subversion repository (read-only). Apparently there is no direct solution to export the repository using lighttpd, which is why there is the Apache instance for this single purpose.

Now, the SVN repository is supposed to be available via HTTPS and my question is about the principle one can use to do the proxying.

To put it simple, is it possible to get lighttpd to proxy an HTTP (without SSL) connection from/to the Apache instance, but export it to the outside world via HTTPS? Like this?:

client ---[https]----{-> lighttpd <---[http]----> local-apache }

Or is that not possible at all and I have to resort to this?:

client ---[https]----{-> lighttpd <---[https]---> local-apache }

Note: I'm exclusively asking about feasibility of the approach and configuration of lighttpd. The Apache instance is configured and running fine, no adjustments needed there.

The used lighttpd version is 1.4.28 on Debian Squeeze.

0xC0000022L
  • 1,456
  • 2
  • 20
  • 41
  • Does it have to be lighttpd that you use as a proxy? Could you use a reverse proxy there instead like Squid? – James C Apr 02 '11 at 17:44
  • @James: it has to be lighttpd, yes. The rationale: lighttpd is the server that already serves some content, but needs to also serve Subversion, which it can't do on its own. – 0xC0000022L Apr 02 '11 at 18:34

1 Answers1

0

You example of having the proxy traffic between lighttpd and apache should work fine.

You'll need to use lighttpd's mod_proxy, here's a config example with a user doing almost exactly the same.

James C
  • 784
  • 1
  • 6
  • 8
  • thanks for the answer. I know that I have to use mod_proxy (see the tags). What's important to me is whether it's possible that the frontend server and the backend server talk to each other with HTTP, while the frontend server serves it via HTTPS to clients. I'll give the example linked a try and accept your answer if it works. – 0xC0000022L Apr 02 '11 at 18:41
  • I'm pretty sure it's the only way to proxy this traffic and that trying to get the proxying lighttpd to talk to Apache using https would be impossible. – James C Apr 03 '11 at 14:34