10

I have Apache Tomcat running with SSL enabled. I have Apache HTTP Server acting as a reverse proxy so my if users hit http://myserver/tomcat/ they are passed to http://myserver:8080.

ProxyPass /tomcat/ http://myserver:8080/
ProxyPassReverse /tomcat/ http://myserver:8080/

I have Apache HTTP server configured for SSL as well so when users hit https://myserver/tomcat/ they should be passed to https://myserver:8443/.

With the current ProxyPass & ProxyPassReverse configuration they are going to be redirected to the non-ssl URL. How can I setup the proxy pass so that it redirects to different protocol and port based on the incoming request?

That is, if someone comes in via HTTPS how can I redirect them to my tomcat @ https://myserver:8443?

Update:

@mike-insch

I tried:

NameVirtualHost *:443

<VirtualHost *:80>
    ProxyPass /tomcat/ http://myserver:8080/
    ProxyPassReverse /tomcat/ http://myserver:8080/
</VirtualHost>

<VirtualHost *:443>
    ProxyPass /tomcat/ https://myserver:8443/
    ProxyPassReverse /tomcat/ https://myserver:8443/
</VirtualHost>

Now when I visit: https://myserver/tomcat/ I get "page not found". In the error log I see "File does not exist: /var/apache2/htdocs/tomcat"

Which is correct, but I expected the request to be routed to tomcat running at https://myserver:8443/.

Guess I need to look more at the virtual hosts, unless something looks glaringly wrong.

sysadmin1138
  • 133,124
  • 18
  • 176
  • 300
codecraig
  • 387
  • 2
  • 4
  • 8
  • I don't think you need the `NameVirtualHost` directive here. Also, you'll need to add the appropriate directives to enable SSL inside your `` section. – Mike Insch Jul 19 '11 at 19:44

2 Answers2

6

For completeness: if it's an option, it's a good idea to terminate SSL at Apache, rather than having Tomcat handle it as well. Providing Tomcat is only accessible from Apache this is simpler and no less secure.

In this setup, Apache would proxy HTTP and HTTPS to http://myserver:8080/:

NameVirtualHost *:443

<VirtualHost *:80>
    ProxyPass /tomcat/ http://myserver:8080/
    ProxyPassReverse /tomcat/ http://myserver:8080/
</VirtualHost>

<VirtualHost *:443>
    ProxyPass /tomcat/ http://myserver:8080/
    ProxyPassReverse /tomcat/ http://myserver:8080/
</VirtualHost>
David Carboni
  • 181
  • 1
  • 4
  • 1
    If doing this, you don't need to repeat the proxy directives in both VirtualHosts. You can just pull them out to the server context. – Amit Naidu Sep 03 '13 at 15:20
5

You need to do this via two independent <VirtualHost *:X> directives. Your HTTP directives go inside <VirtualHost *:80> while your HTTPS directives go inside <VirtualHost *:443>. Adjust as required if your server has multiple Address Based or Name Based virtual hosts configured. See the Apache 2 documentation for full details.

Mike Insch
  • 1,254
  • 8
  • 10