0

So I can't get my head around this problem, and looked everywhere on the internet but did not found any working solution.

1.1. I have an apache server running as virtual host. In the initial situation, it listens to port 80, it's binded with my domain example.com, and everything is fine. ( using HTTP://example.com )

1.2. On the same machine, I have an API running on port 4000. My frontend websites try to GET from that api, calls it using HTTP://example.com:4000/api/. Again here, everything works just fine, the api loads up the data it's supposed to on the page.

2.1. Now I configued SSL for my domain. Got a certificate from ZeroSSL, included the 3 provided files/keys in my apache config file of my virtual host, and good, now HTTPS://example.com load up nice and secure, now from port 443, "obviously". So basic SSL config and certificate should be good !

2.2. Now here comes the problem. Initially, my now-secured page was trying to load up my api from the non-sucured HTTP (HTTP://example.com:4000/api/), which doesn't work here in my HTTPS page for sure (and wouldn't make any sense in a security point of view). Since my SSL Certificate is normally valid for the whole domain example.com, I tried just to change the GET to point on HTTPS://example.com:4000/api/, but at this point I get a ERR_SSL_PROTOCOL_ERROR while trying to load my page (using HTTPS://example.com)

I read things about using ReverseProxy, or setup another vistual host for that port and including ssl config in that one, but at this point my noob-ness blocks me. At this point my website gives an error 404 (which is only cause when I keep the "ProxyPass" line in the example.com.conf). Without ProxyPass, i'm still with ERR_SSL_PROTOCOL_ERROR. Here's what my apache enabled-sites configs look like :

example.com.conf

<VirtualHost *:443>

ServerAdmin webmaster@localhost
ServerName example.com
ServerAlias www.example.com
DocumentRoot /var/www/example.com
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined

ProxyRequests Off
ProxyPreserveHost On
ProxyPass / http://SERVER_LOCAL_IP:4000
ProxyPassReverse / http://SERVER_LOCAL_IP:4000

SSLEngine on
SSLCertificateFile /var/www/example.com/ssl/certificate.crt
SSLCertificateKeyFile /var/www/example.com/ssl/private.key
SSLCertificateChainFile /var/www/example.com/ssl/ca_bundle.crt

</VirtualHost>

api.conf -- (Which I created after getting the ERR_SSL_PROTOCOL_ERROR, but does not seem to change anything)

<VirtualHost *:4000>

ServerName example.com
ServerAlias www.example.com


SSLEngine on
SSLCertificateFile /var/www/example.com/ssl/certificate.crt
SSLCertificateKeyFile /var/www/example.com/ssl/private.key
SSLCertificateChainFile /var/www/example.com/ssl/ca_bundle.crt

</VirtualHost>

So at this point, I'm pretty much blocked and can't get my api to be used with SSL. Any help please ?

Thanks in advance !

CharlZ
  • 1
  • 1
  • Does this answer your question? [What is a Reverse Proxy?](https://serverfault.com/questions/8654/what-is-a-reverse-proxy) – vidarlo Aug 12 '22 at 20:33

1 Answers1

-1

I'm not going to say that I know the answer. Although I have a couple of things you can try:

  1. Search up the name of the API along with the term "ERR_SSL_PROTOCOL_ERROR" which should lead you to some forums of people who know the answer to your question
  2. Try using a different SSL certification like the free ones from https://letsencrypt.org/ as those have always worked out for me and served no problems
Dhrxv
  • 9
  • 1