1

I have apache with mod_cluster for wildfly cluster

I have one virtualhost on 443

I have a nodeJS on 8443 on same server apache

I want to redirect server/api to server:8443 (nodejs)

NODEJS and apache are on same server (apache 443 ,nodejs 8443)

<VirtualHost ip:443>

ServerName server

    SSLProtocol all -SSLv2 -SSLv3
    SSLHonorCipherOrder on
    SSLEngine on
    SSLCipherSuite ALL:!MD5:!EXPORT:!DES:!3DES:!DHE:!EDH:!RC4:!aNULL:!eNULL:!MEDIUM:!LOW
    SSLCertificateFile /etc/httpd/certs/newcert.pem
    SSLCertificateKeyFile /etc/httpd/certs/newkey.pem
    SSLCertificateChainFile /etc/httpd/certs/newcert.pem

    <Directory />
    Require all granted
    </Directory>

    <Location /mcm>
    SetHandler mod_cluster-manager
Order Allow,Deny
    Allow from all
</Location>

    AllowDisplay On
    AllowCmd Off
    KeepAliveTimeout 180
    TimeOut 300


***SSLProxyEngine on
ProxyRequests Off
<Location /api>             
    ProxyPreserveHost On
    ProxyPass  https://server:8443
    ProxyPassReverse  https://server:8443
</location>***
<Location /status>
        SetHandler server-status
</Location>

The part between ******* does not work and other application make a not found. i don't know how to achieve it.. have the load balancer , and the virtualhost in front of node JS

If i delete this part it work for all applications on the wildfly cluster

Any Idea ?

cyril
  • 872
  • 6
  • 29
  • What httpd version it is? The config is invalid and cannot work as it is in any version as it mixes legacy 2.2. and 2.4. access restrictions "Allow from" vs "Require" etc. The setup is fairly straightforward and if you answer the undermentioned questions, I can give you the mod_cluster/httpd setup: 1) What Wildfly version do you run? 2) What httpd version do you run? 3) What do you expect from your SSL and SSLProxy setup? Do you want to terminate TLS on httpd and talk HTTP or AJP to backends or do you want TLS all the way to the backends (Node and/or Wildfly)? – Michal Karm Babacek Nov 05 '18 at 12:43
  • 2.4 but it work like a charm, the problem is to make a new redirection to the node JS with port 8443 – cyril Nov 05 '18 at 13:21
  • The mod cluster work very well no problem with this configuration i don't need wilfly configuration. What i want is to add a redirection on https://server/api => https://server:8443 only and file static serve working too – cyril Nov 05 '18 at 13:22

1 Answers1

0

simply add / at the end of the url 

<VirtualHost ip:443>

ServerName server

SSLProtocol all -SSLv2 -SSLv3
SSLHonorCipherOrder on
SSLEngine on
SSLCipherSuite ALL:!MD5:!EXPORT:!DES:!3DES:!DHE:!EDH:!RC4:!aNULL:!eNULL:!MEDIUM:!LOW
SSLCertificateFile /etc/httpd/certs/newcert.pem
SSLCertificateKeyFile /etc/httpd/certs/newkey.pem
SSLCertificateChainFile /etc/httpd/certs/newcert.pem

<Directory />
  Require all granted
</Directory>

<Location /mcm>
   SetHandler mod_cluster-manager
   Order Allow,Deny
   Allow from all


AllowDisplay On
AllowCmd Off
KeepAliveTimeout 180
TimeOut 300

 SSLProxyEngine on
 ProxyRequests Off
 <Location />             
   ProxyPreserveHost On
   ProxyPass  https://server:8443/
   ProxyPassReverse  https://server:8443/
 </location>
 <Location /status>
    SetHandler server-status
 </Location>

and in my case location must be / otherwise it does'nt work

cyril
  • 872
  • 6
  • 29