Setting up SSL Termination on Apache Traffic Server (Reverse Proxy)

Question

We are attempting to setup Apache Traffic Server to act as reverse proxy for our web server. Here are the basics:

Apache Traffic Server, built from source (6.1.0) and installed into /opt, is running on a CentOS 7 (7.1.1503) server.
Apache Traffic Server is setup to redirect port 80 and 443 traffic (via the remap.config) to our web server which is IIS running on Windows Server 2012
From my local machine, with my host file appropriately modified (we are not running the reverse proxy in production), I can get to our website as normal, and it is redirected through the reverse proxy to the web server as expected.
When I try to go to the HTTPS version of our website, I instead get, in Firefox, "Secure Connection Failed". With the error code "ssl_error_rx_record_too_long". In Chrome I get "ERR_SSL_PROTOCOL_ERROR".

I've uploaded an anonymized version of our records.config and remap.config to Pastebin (see here and here), and our ssl_multicert.config is configured thus:

ip_dest=* ssl_cert_name=star_foo_com.pem

I'm not particularly well versed in the web side of things, but it's fallen to me to set this up. I'm sure I've simply missed something simple in the configuration process.

Run it through https://www.ssllabs.com/ssltest/ (Tick the *Do not show the results on the boards* checkbox if you worry about that.) What does it say? — StackzOfZtuff, Nov 06 '15 at 12:47
Here is what we get when I run that SSLLabs test: [link](http://i.imgur.com/DivxNTo.jpg) — thunderbird32, Nov 09 '15 at 16:30
A little more information: when i run the command "openssl s_client -connect localhost:443" — thunderbird32, Nov 13 '15 at 19:54

Setting up SSL Termination on Apache Traffic Server (Reverse Proxy)

0 Answers0