Apache ProxyPass with SSL

Question

I want to proxy requests from an SSL site via a non-SSL site. My Apache httpd.conf looks like this:

<VirtualHost 1.2.3.4:80>
    ServerName foo.com
    ProxyPass / https://bar.com/
</VirtualHost>

So, when I visit http://foo.com, I expect apache to make a request to https://bar.com and send me the the page it fetched.

Instead, I get a 500 error, and in the error log, I see:

[error] proxy: HTTPS: failed to enable ssl support for 4.3.2.1:443 (bar.com)

Presumably I'm missing a directive here. Which might it be?

Never mind the security implications. I fully understand the risks.

"Never mind the security implications. I fully understand the risks." - This is the devops equivalent of "Hold My Beer" ; ) — Eric Kigathi, Nov 13 '18 at 23:52

Sam Halicke · Accepted Answer · 2012-09-22T04:26:20.933

86

You'll need mod_ssl, mod_proxy and optionally mod_rewrite. Depending on your distribution and Apache version you may have to check if mod_proxy_connect and mod_proxy_http are loaded as well.

The directives for enabling SSL proxy support are in mod_ssl:

<VirtualHost 1.2.3.4:80>
    ServerName foo.com
    SSLProxyEngine On
    SSLProxyCheckPeerCN on
    SSLProxyCheckPeerExpire on
    ProxyPass / https://secure.bar.com
    ProxyPassReverse / https://secure.bar.com
</VirtualHost>

IIRC you can also use:

    RewriteRule / https://secure.bar.com [P]    # don't forget to setup SSLProxy* as well

edited Sep 22 '12 at 04:26

answered Nov 15 '09 at 02:02

Sam Halicke

6,122
1
24
35

With SSLProxy* directives, works as a charm – wajdi_jurry Aug 31 '22 at 17:40

score 2 · Answer 2 · answered Nov 15 '09 at 01:39

2

In Apache 1.x, mod_ssl would fix up ProxyPass. Do you have mod_ssl installed?

answered Nov 15 '09 at 01:39

Jim Zajkowski

1,604
12
11

Apache ProxyPass with SSL

2 Answers2

Linked