3

I am trying to use apache(2.4) as an reverse proxy for tomcat(7), which works fine when I use http only.

http config:

<VirtualHost *:80>
ServerName abc.domain.org


ProxyRequests Off
ProxyPreserveHost On
<Proxy *>
   Order allow,deny  
   Allow from all  
</Proxy>


ProxyPass / http://localhost:8080/
ProxyPassReverse / http://localhost:8080/

</VirtualHost>

This works completely fine.

But when I want apache to handle https its not working at all. I tried a lot of things, but I only end up seeing a plane page with "index of /"

https config:

<VirtualHost *:443>
ServerName abc.domain.org
SSLEngine On

SSLCertificateFile path
SSLCertificateKeyFile path
SSLCertificateChainFile path


ProxyRequests Off
ProxyPreserveHost On
<Proxy *>
   Order allow,deny  
   Allow from all  
</Proxy>

ProxyPass / http://localhost:8080/
ProxyPassReverse / http://localhost:8080/


</VirtualHost>

Any help or hints would be mouch appreciated.

Edit: If you need any more information, feel free to ask.

Edit2:

Output of apachectl -s:

VirtualHost configuration:
*:80                   abc.domain.org (/etc/httpd/conf.d/proxy.conf:1)
*:443                  is a NameVirtualHost
     default server abc.domain.org (/etc/httpd/conf.d/ssl.conf:56)
     port 443 namevhost abc.domain.org (/etc/httpd/conf.d/ssl.conf:56)
     port 443 namevhost abc.domain.org (/etc/httpd/conf.d/proxy.conf:24)
ServerRoot: "/etc/httpd"
Main DocumentRoot: "/var/www/html"
Main ErrorLog: "/etc/httpd/logs/error_log"
Mutex proxy-balancer-shm: using_defaults
Mutex rewrite-map: using_defaults
Mutex authdigest-client: using_defaults
Mutex ssl-stapling: using_defaults
Mutex proxy: using_defaults
Mutex authn-socache: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/run/httpd/" mechanism=default 
Mutex mpm-accept: using_defaults
Mutex authdigest-opaque: using_defaults
PidFile: "/run/httpd/httpd.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="apache" id=48
Group: name="apache" id=48
SomeGuyOnTheNet
  • 33
  • 1
  • 2
  • 7
  • I had to add `:443` to the ServerName to make this work: `ServerName abc.domain.org:443` – Gerald Schneider Oct 06 '16 at 09:07
  • Are you using "path" as placeholer for this post? Because those have to point to the actual Files IF you want to provide those at the proxy level. Also, you can't handle http and https connections over the same port (you use 8080 for both). Also you didn't add the http**s**. I better add an answer. – Broco Oct 06 '16 at 11:13
  • First remove the `` block from your vhosts, they are simply not needed. If you get problems without them then you have some other configuration that is causing the problem. Next, add the output of `apachectl -S` to your post. – Unbeliever Oct 06 '16 at 11:20
  • @Broco: Yes, I use "path" as a placeholder. I didn't add the https, because I don't need https between Tomcat and Apache, as they are on the same Server. – SomeGuyOnTheNet Oct 06 '16 at 11:29
  • @Unbeliever: I will remove that block and add the output of the command to my Question. – SomeGuyOnTheNet Oct 06 '16 at 11:31
  • If you only get a blank index listing you most probably have a second virtualhost directive somewhere in your config that has a higher priority than this. Find it and remove it. – Gerald Schneider Oct 06 '16 at 11:33
  • And there it is, in ssl.conf. comment it out there and your proxy should work. – Gerald Schneider Oct 06 '16 at 11:36

1 Answers1

3

There you go, you have two SSL vhosts with the same ServerName. This means only the first will get the SSL requests.

Looks like its some form of default vhost in /etc/httpd/conf.d/ssl.conf which you can remove.

Unbeliever
  • 2,336
  • 1
  • 10
  • 19
  • I can confirm that this was the mistake. Thanks for the help. Also thanks to every other poster. Sometimes the mistake is just to obvious -.- – SomeGuyOnTheNet Oct 06 '16 at 11:38