
I have two Amazon EC2 instances, call them A and B. A runs Apache and Tomcat. On server A, Apache only uses plain HTTP. Tomcat listens on 8443, but I use iptables to redirect requests on 443 to 8443 for Tomcat.

What I need to change is that I want to accept some 443 requests on A and forward them to server B. For example, requests on domain.com/app go to B and requests on domain.com/service go to A, where they are redirected to Tomcat.

I have never used a reverse proxy, but I want to make sure this is possible with a reverse proxy.

I don't know if I can ask another related issue here: I want to use one single SSL certificate for my domain, but in reality I have two Apache servers on A and B. Will that be possible in my planned setting?

hsnm

1 Answer


You would need to configure your httpd instance on server A to accept all requests for :443 and forward them either to httpd on server B or to Tomcat using whatever rules you choose. I'd recommend mod_proxy_http for this.

The SSL certificate is usually for a specific host (wildcard certs for an entire domain are available but much more expensive). As long as the following are true, you'll be fine:

- all HTTPS requests for your domain are initially handled by Server A
- The host name of server A matches your SSL cert

What happens behind the reverse proxy is invisible to the client so you can have as many or as few hosts as you like.

Mark Thomas
  • I was planning to do what you suggested: initially handling all requests by server A. That means I have to remove my iptables rule for forwarding to Tomcat and use mod_proxy_http to proxy the requests according to the URL. In this case will I need to enable https on Apache for server A? I currently don't since only Tomcat is using https on A. – hsnm Feb 03 '13 at 15:53
  • Yes. If you want httpd to handle https then you'll need to configure it to do so. – Mark Thomas Feb 06 '13 at 09:06
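
The setup worked out in the answer and comments above, as an added httpd configuration example for server A (not posted by either participant). The address 10.0.0.20 for server B, the certificate paths, and a Tomcat HTTP connector bound to 127.0.0.1:8080 are assumptions, not details from the thread.

```apache
# Added example for server A. Needs mod_ssl, mod_proxy and mod_proxy_http.
# Remove the iptables 443 -> 8443 redirect first, otherwise httpd never
# sees the connections arriving on port 443.
Listen 443

<VirtualHost *:443>
    ServerName domain.com

    # TLS terminates here, so this is the only certificate clients see.
    # One certificate for domain.com covers everything behind the proxy.
    SSLEngine on
    SSLCertificateFile    /etc/pki/tls/certs/domain.com.crt      # assumed path
    SSLCertificateKeyFile /etc/pki/tls/private/domain.com.key    # assumed path

    # Reverse proxy only. Leaving ProxyRequests on would turn server A
    # into an open forward proxy.
    ProxyRequests Off
    ProxyPreserveHost On

    # domain.com/app -> httpd on server B (10.0.0.20 is a placeholder).
    # This hop is plain HTTP: restrict B's security group so that only
    # server A can reach it.
    ProxyPass        /app http://10.0.0.20/app
    ProxyPassReverse /app http://10.0.0.20/app

    # domain.com/service -> Tomcat on the same host (assumed HTTP
    # connector on the loopback interface). To keep using Tomcat's 8443
    # connector, set "SSLProxyEngine on" and use an https:// URL here.
    ProxyPass        /service http://127.0.0.1:8080/service
    ProxyPassReverse /service http://127.0.0.1:8080/service
</VirtualHost>
```

With this in place, Tomcat's 8443 connector no longer needs to be reachable from outside server A.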