


Apache proxy / redirect https to https with one ip


I have one WAN-IP with an apache webserver which hosts A.domain.com and I will reverse proxy to B.domain.com to another server in the same local network.

Without SSL I solved it this way in the vhosts:

<VirtualHost *:80>
    ServerName Z.domain.com
    ProxyRequests Off

    ProxyPass / http://1.1.1.7/
    ProxyPassReverse / http://1.1.1.7/
</VirtualHost>

but with SSL enabled it doesn't work this way...

For better understanding I tried to draw it:

                                       -- A.domain.com (local IP: 1.1.1.1)
                                      |
WAN --¦Firewall (NAT to 1.1.1.1)¦-- LAN
                                      |
                                       -- B.domain.com (local IP: 1.1.1.2)

Server 1.1.1.1 should redirect to 1.1.1.2

my config /etc/apache2/sites-available/B.domain.com.conf:

<VirtualHost *:443>
    ServerName B.domain.com
    SSLEngine on
    SSLCertificateFile /etc/letsencrypt/live/B.domain.com/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/B.domain.com/privkey.pem

    ProxyRequests Off
    <Proxy *>
        Order deny,allow
        Allow from all
    </Proxy>
    ProxyPass / https://1.1.1.2/
    ProxyPassReverse / https://1.1.1.2/
</VirtualHost>

I have activated it with: a2ensite B.domain.com
and restarted apache.
Result is an internal server error if I call the site.
Without the I have the same fault.

If I call apache2ctl -S it looks all good.







apache-2.4 ubuntu-16.04














edited Jan 20 '17 at 18:06

asked Jan 18 '17 at 20:27
rovivo







What do you mean with "it doesn't work that way" exactly? SSL virtualhost will be exactly the same thing but enabling ssl and loading certificates, and just setting the proxy directives the same way wherever you want to point them, and if you wanted to proxy to a SSL backend the main difference is you need to add "SSLProxyEngine on". What is it you tried? What problems do you get? The picture may look pretty clear in your head but from here it looks rather confusing.

– ezra-s
Jan 19 '17 at 8:55






















2 Answers













Try a simpler method and change ProxyPass https to http.

    ProxyPass / http://1.1.1.2/
    ProxyPassReverse / http://1.1.1.2/

It's quite usual for a frontend (aka a reverse proxy) to talk to backend with plain http if you reasonably secure the 1.1.1.0 net.

Chances are you haven't implemented https server on 1.1.1.2 at all... this would give you the internal error 50x symptoms you describe.

















answered Jan 20 '17 at 18:25
kubanczyk




































I tried the info from ezra-s "SSLProxyEngine on" but I still get the error:

The proxy server could not handle the request GET /

Reason: Error during SSL Handshake with remote server

After some searching I found a working solution.

my config /etc/apache2/sites-available/B.domain.com.conf now:

<VirtualHost *:443>
    ServerName B.domain.com
    SSLProxyEngine on
    SSLProxyVerify none
    SSLProxyCheckPeerCN off
    SSLProxyCheckPeerName off
    SSLProxyCheckPeerExpire off

    SSLCertificateFile /etc/letsencrypt/live/B.domain.com/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/B.domain.com/privkey.pem

    ProxyPass / https://1.1.1.2/
    ProxyPassReverse / https://1.1.1.2/
</VirtualHost>

But is the connection from outside still secure now?

















answered Jan 20 '17 at 22:38
rovivo












You need to understand that, if you reverse proxy to a server and use the IP, that "name" must match the CN in the backend certificate, otherwise you will need additional SSLProxy directives to make Apache ignore the CN in the backend certificate. That is, you will probably need to add these directives too or at least one of them: SSLProxyCheckPeerCN off and/or SSLProxyCheckPeerName off.

– ezra-s
Jan 23 '17 at 9:28
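
Added example, not part of the original thread: the directives in the answer above switch off every check Apache makes on the backend certificate, so the proxy-to-backend hop is encrypted but not authenticated, while the client-to-proxy hop is still governed by the Let's Encrypt certificate. The variant below keeps backend verification on; the hostname `backend.lan.example` and the CA file path are assumptions for illustration, as is the premise that the backend certificate carries that name and is signed by that CA.

```apache
# Added example with hypothetical names; not the poster's actual setup.
# Assumptions:
#   - 1.1.1.2 resolves on the proxy as backend.lan.example (e.g. via /etc/hosts)
#   - the backend certificate lists backend.lan.example as CN/subjectAltName
#   - /etc/apache2/ssl/backend-ca.pem (placeholder path) holds the CA, or the
#     self-signed backend certificate itself, that the proxy should trust
<VirtualHost *:443>
    ServerName B.domain.com

    # Client -> proxy leg: the public certificate browsers see
    SSLEngine on
    SSLCertificateFile    /etc/letsencrypt/live/B.domain.com/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/B.domain.com/privkey.pem

    # Proxy -> backend leg: TLS with certificate verification kept on
    SSLProxyEngine on
    SSLProxyVerify require                   # reject a backend cert that does not chain to the CA below
    SSLProxyVerifyDepth 2
    SSLProxyCACertificateFile /etc/apache2/ssl/backend-ca.pem
    SSLProxyCheckPeerName on                 # name in the ProxyPass URL must match the backend cert
    SSLProxyCheckPeerExpire on               # expired backend certs fail the handshake

    # Reverse proxy only; never an open forward proxy
    ProxyRequests Off

    # Proxy by name, not by IP, so the name check has something to match
    ProxyPass        / https://backend.lan.example/
    ProxyPassReverse / https://backend.lan.example/
</VirtualHost>
```

With these settings a handshake failure against the backend points to a concrete cause (untrusted issuer, name mismatch, or expiry) that Apache records in the error log.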
















