logo
Apache Lounge
Webmasters

 

About Forum Index Downloads Search Register Log in  RSS Apache Lounge  


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.



Post new topic   Forum Index -> Apache View previous topic :: View next topic
Reply to topic   Topic: Configure Apache HTTP Server to support non-SSL technologies
Author
ShaoChan



Joined: 23 Sep 2019
Posts: 3
Location: LEICESTER

PostPosted: Mon 23 Sep '19 19:13    Post subject: Configure Apache HTTP Server to support non-SSL technologies Reply with quote

Hi there,

I have a legacy technology that needs to talk to a HTTPS endpoint (https://api.somesite.com).

It can reach out to a HTTP endpoint (http://api.somesite.com), but not HTTPS.

Essentially the legacy app does not understand SSL certificates and does not support cipher suites and thus can only communicate on HTTP.

Ideally, I'd like to configure Apache HTTP Server so that:
Legacy App --> Apache as a proxy server --> Actual Destination.

This requires Apache to initiate the SSL connection when a HTTP request comes in from the legacy client.

Is this possible? The solution does not need to be generic (i.e. does not require that all http requests are forwarded to its equivalent https address) - it can simply a single hard-coded configuration so that the legacy client calls Apache on port 80 and it is hard-coded to reach https://api.somesite.com on port 443.

If so, could someone highlight the httpd.conf changes needed (based on the latest v2.4 server) please.

Thanks,

Shao
Back to top
James Blond
Moderator


Joined: 19 Jan 2006
Posts: 6661
Location: Germany, Next to Hamburg

PostPosted: Tue 24 Sep '19 11:15    Post subject: Reply with quote

A simple reverse vhost would do the job.

Code:

<VirtualHost *:80>
    ServerName api.somesite.com
    ProxyPreserveHost On
    ProxyPass / https://api.somesite.com
    ProxyPassReverse / https://api.somesite.com
</VirtualHost>
Back to top
ShaoChan



Joined: 23 Sep 2019
Posts: 3
Location: LEICESTER

PostPosted: Tue 24 Sep '19 22:11    Post subject: Reply with quote

Thanks James. Does the SSLEngine config need to be made? Have you configured this before and got HTTP to HTTPS traffic working? Thanks.
Back to top
James Blond
Moderator


Joined: 19 Jan 2006
Posts: 6661
Location: Germany, Next to Hamburg

PostPosted: Wed 25 Sep '19 13:00    Post subject: Reply with quote

ShaoChan wrote:
Does the SSLEngine config need to be made?


That needs to be only in a SSL vhost.

ShaoChan wrote:

Have you configured this before and got HTTP to HTTPS traffic working?


Yes, like the example above.

client<--->apache-with-reverse-proxy:80<--->otherserver:443
Back to top
ShaoChan



Joined: 23 Sep 2019
Posts: 3
Location: LEICESTER

PostPosted: Thu 26 Sep '19 5:15    Post subject: Reply with quote

Thanks James! Very Happy
Back to top


Reply to topic   Topic: Configure Apache HTTP Server to support non-SSL technologies View previous topic :: View next topic
Post new topic   Forum Index -> Apache