1

I want to configure apache as reverse proxy using SSL, I can't make it work. In my SSL configuration file:

  ProxyRequests off 
  SSLProxyEngine on
  ProxyPreserveHost on
  ProxyPass /examples http://host.ex.org:8080/examples
  ProxyPassReverse /examples http://host.ex.org:8080/examples
  ProxyPass /examples https://host.ex.org:8443/examples2
  ProxyPassReverse /examples https://host.ex.org:8443/examples2

  SSLCertificateFile    /path/server.crt
  SSLCertificateKeyFile /path/server.key
  SSLCACertificateFile  /path/ca.crt
  SSLProxyCACertificateFile "/path/tomcat_ca.crt"

On Tomcat's server.xml file I have configured the connector:

<Connector port="8443" maxThreads="200"
    scheme="https" secure="true" SSLEnabled="true" 
    keystoreFile="/path/tomcat.ks" keystorePass="***"
    clientAuth="false" sslProtocol="TLS"/>

I have enabled ssl, proxy and cache modules. It works with http but it doesn't with https. Logs tell me SSL is correctly configured, but connecting to https://localhost/examples2 I have the following error:

ssl_error_handshake_failure_alert

It let me think it is a certificate problem, but both apache2 and tomcat7 work with their certificate with https.

Improve this question

1 Answer 1

Reset to default
1

Solved. I had to comment SSLVerifyClient require SSLVerifyDepth 10

directives for the client side authentication.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.