1

I have an apache 2.4 server which uses proxypass to forward SSL connections for one domain to an OSX server 5.1.5 on the same local network. I generated my CSR on the apache server and it seems to work but throws a network error when using device enrollment which complains about an invalid SSL configuration, I am able to click enroll and download a profile but then I get

profile configuration failed - network error

The following is my vhost configuration.

<VirtualHost *:443>
        ServerName mydomain.xyz

        SSLEngine On
        SSLProxyEngine On
        ProxyRequests Off
        SSLProxyCheckPeerCN off
        SSLProxyCheckPeerExpire off
        SSLProxyCheckPeerName off
        SSLInsecureRenegotiation on
        SSLProxyVerify none
        SSLVerifyClient none
        SSLCertificateFile /etc/ssl/mydomain_xyz.crt
        SSLCertificateKeyFile /etc/ssl/mydomain_xyz.key

        ProxyPass / https://10.0.1.36/
        ProxyPassReverse / https://10.0.1.36/

        ProxyPreserveHost on

        <Location "/">
                Require all granted
        </Location>
</VirtualHost>

When visiting the domain in the browser I don't see any errors.

Are there any possible errors with my configuration?

The second server has a self signed certificate as it does not directly handle any external connections, only via proxypass on the apache server.

Is this the right way to set up SSL with proxypass or should I have the SSL certificate be created for the second server using its CSR?

Matkey
  • 43
  • 5
  • 1
    SSL was not the issue as it turns out. I hade failed to open port 1640 in the firewall for the SCEP server – Matkey May 17 '16 at 14:30

1 Answers1

0

Sounds like you have a separate issue maybe--have you checked the firewall, e.g. port 1640 (SCEP). You could post your own answer like this as well, and then mark the question answered to help clean up the site, here.

bourneN5years
  • 219
  • 1
  • 2
  • 11