Apache .htpasswd SSL

Question

I understand there are similar questions to this. I tried their solutions and even tried commenting on one before asking this. Before logging in, Chrome is showing the connection does not have SSL. http://i.imgur.com/SBaNTJj.png

Here's my code

<VirtualHost *:80>
    ServerName http://dev.udorm.io
    ServerAlias http://dev.udormio.com
    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule ^(.*)$ https://dev.udorm.io$1 [R,L]

</VirtualHost>

<VirtualHost *:443>
    SSLEngine On
    SSLCertificateFile /etc/letsencrypt/live/dev.udorm.io/cert.pem
    SSLCertificateChainFile /etc/letsencrypt/live/dev.udorm.io/chain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/dev.udorm.io/privkey.pem
    Include /etc/letsencrypt/options-ssl-apache.conf

    ServerName http://dev.udorm.io
    ServerAlias http://dev.udormio.com

    ProxyPreserveHost On
    ProxyPass / http://localhost:1337/
    ProxyPassReverse / http://localhost:1337/

    <Proxy *>
        AuthType Basic
        AuthName "Udormio Dev Server"
        AuthUserFile "/var/www/.htpasswd"
        Require valid-user
    </Proxy>
</VirtualHost>

Relevant log entries

[Fri Nov 13 12:20:55.984955 2015] [ssl:warn] [pid 4632] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)

[Fri Nov 13 01:57:12.010818 2015] [proxy:error] [pid 3295] (111)Connection refused: AH00957: HTTP: attempt to connect to 127.0.0.1:1337 (localhost) failed
[Fri Nov 13 01:57:12.010855 2015] [proxy:error] [pid 3295] AH00959: ap_proxy_connect_backend disabling worker for (localhost) for 60s
[Fri Nov 13 01:57:12.010862 2015] [proxy_http:error] [pid 3295] [client 96.50.74.147:52396] AH01114: HTTP: failed to make connection to backend: localhost, referer: https://dev.udorm.io/

[Fri Nov 13 12:20:56.002792 2015] [ssl:warn] [pid 4632] AH01909: RSA certificate configured for ip-10-0-0-5.ec2.internal:443 does NOT include an ID which matches the server name

`ServerName http://dev.udorm.io` servername has to be without protocol. I don't think a certificate and a key would works for 2 your two domains. If you use a proxy you need to enable sslProxy. Did you self signed your certificate ? Are you sure thoose pem are crt and key too ?And can you post your apache log ? (once you corrected thoose) — Froggiz, Nov 13 '15 at 16:49
@Froggiz, When you say sslProxy, are you referring to modproxyconnect? — sajattack, Nov 13 '15 at 16:53
`http://localhost:1337/` is not found by apache, `http://dev.udorm.io` is incorrect as servername, — Froggiz, Nov 13 '15 at 18:16
Oh, yeah, I don't have the thing running on localhost:1337 right now. But that wouldn't influence whether the login is SSL, would it? — sajattack, Nov 13 '15 at 18:22
Remove tag to set the authentication even if proxy is not available — Froggiz, Nov 13 '15 at 18:24
Let us [continue this discussion in chat](http://chat.stackexchange.com/rooms/31519/discussion-between-sajattack-and-froggiz). — sajattack, Nov 13 '15 at 18:41
I am soon going to sleep i will not have the time for a chat, sorry — Froggiz, Nov 13 '15 at 21:19

Apache .htpasswd SSL

0 Answers0