2

I was using stunnel to make an http port into https. However, it doesn't support OCSP stapling, so I decided to use Apache reverse proxy instead. The service I want to make https is on 7231, so I created a virtual host to listen on port 7232 and route all https traffic to it. However, it's not working as it's simply grabbing the content from 443 for some reason. It should be getting the content from 7231 and being displayed over https on 7232.

What am I doing wrong?

Listen 7232
<IfModule mod_ssl.c>
SSLStaplingCache shmcb:/var/run/apache2/stapling_cache(128000)
<VirtualHost *:7232>
        ServerAdmin webmaster@localhost

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        SSLEngine On
        SSLProxyEngine On

        ProxyRequests Off
        <Proxy *>
          Order deny,allow
          Allow from all
        </Proxy>


        ProxyPass / http://mywebsite.org:7231/
        ProxyPassReverse / http://mywebsite.org:7231/

        ServerName mywebsite.org:7232
        Include /etc/letsencrypt/options-ssl-apache.conf
        SSLUseStapling on
        SSLCertificateFile /etc/letsencrypt/live/mywebsite.org/fullchain.pem
        SSLCertificateKeyFile /etc/letsencrypt/live/mywebsite.org/privkey.pem
</VirtualHost>
</IfModule>
Vivek Joshy

1 Answer

1

Turns out this was an error on my part in one of the VirtualHosts for 443.

This is what it looked like:

<VirtualHost *:443 *:7232>
        # Configurations go here! 
</VirtualHost>

Because of this VirtualHost, it was overriding the separate one for 7232. Simply removing 7232 from this one solved the issue immediately.

Lesson learned: Always check other VirtualHosts to make sure nothing else is configured for the same port.

Vivek Joshy
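The check from the answer's lesson can be scripted. This is an added example, not part of the original question or answer: it scans Apache config text for `<VirtualHost>` opening tags and reports every address:port claimed by more than one block. The file names, the sample file contents and the function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample configs (not taken from the poster's server): file name -> contents.
SAMPLE_CONFIGS = {
    "000-default-ssl.conf": """
<VirtualHost *:443 *:7232>
    ServerName mywebsite.org
    DocumentRoot /var/www/html
</VirtualHost>
""",
    "proxy-7232.conf": """
Listen 7232
<VirtualHost *:7232>
    ServerName mywebsite.org:7232
    ProxyPass / http://mywebsite.org:7231/
</VirtualHost>
""",
}

VHOST_OPEN = re.compile(r"^\s*<VirtualHost\s+([^>]+)>", re.IGNORECASE)

def vhost_bindings(configs):
    """Map each address:port to the (file, line) of every <VirtualHost> claiming it."""
    bindings = defaultdict(list)
    for name, text in configs.items():
        for lineno, line in enumerate(text.splitlines(), start=1):
            if line.lstrip().startswith("#"):
                continue  # skip commented-out blocks
            match = VHOST_OPEN.match(line)
            if match:
                # One opening tag may list several addresses, as in the answer.
                for addr in match.group(1).split():
                    bindings[addr.lower()].append((name, lineno))
    return bindings

def overlapping_bindings(configs):
    """Return only the addresses claimed by more than one <VirtualHost> block."""
    return {a: locs for a, locs in vhost_bindings(configs).items() if len(locs) > 1}

if __name__ == "__main__":
    for addr, locs in sorted(overlapping_bindings(SAMPLE_CONFIGS).items()):
        where = ", ".join(f"{f}:{n}" for f, n in locs)
        print(f"{addr} is claimed by {len(locs)} VirtualHost blocks: {where}")
```

Several blocks on one address:port is normal for name-based hosting, so treat a hit as something to review rather than an error. On a live server, `apachectl -S` prints the virtual host map Apache actually resolved.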