10-16-2013
Configuration Reverse Proxy - https issue
Hi All
I need your valuable help on this. Im trying to setup reverse proxy using apache in rhel 5.5. I just started with Apache, and not much idea about going with advance level config, except that i have tried to set up this reverse proxy based on an online guide i found in internet. The purpose of this test to validate, whether the incoming url request from outside is successfully diverting to given application url.
So far, im getting expected result ( thats wht im thinking ) for http requests from outside, as its successfully diverting to the url mentioned in httpd virtual host config, which is as below
-->
ProxyRequests Off
NameVirtualHost *:80
NameVirtualHost *:443
<VirtualHost *:80>
ServerName ws01.mydom.com
ServerAlias ws01
ErrorLog /var/log/httpd/ws01_error.log
TransferLog /var/log/httpd/ws01_access.log
ProxyPass / hxxp://test.mydom.com:8080/
ProxyPassReverse / hxxp://test.mydom.com:8080/
</VirtualHost>
------------------->
what im trying to do next is , is below
1) http url divert to https, and from there to actual app url
2) direct https will divert to app url
So far i have modified the httpd.conf file as follows
-------------------------->
ProxyRequests Off
NameVirtualHost *:80
NameVirtualHost *:443
#Redirect HTTP Request to HTTPS
<VirtualHost *:80>
ServerName ws01.mydom.com
ServerAlias ws01
Redirect / hxxps://ws01.mydom.com/
</VirtualHost>
<VirtualHost *:443>
ServerName ws01.mydom.com
ServerAlias ws01
ErrorLog /var/log/httpd/ws01_error.log
TransferLog /var/log/httpd/ws01_access.log
ProxyPass / hxxp://test.mydom.com:8080/
ProxyPassReverse / hxxp://test.mydom.com:8080/
SSLEngine On
SSLProxyEngine On
SSLCertificateFile /etc/pki/tls/certs/ws01.mydom.com
SSLCertificateKeyFile /etc/pki/tls/private/ws01.mydom.com
</VirtualHost>
------------------------------------------>
when i access the url as ,
1) hxxp://ws01.mydom.com/ -> its redirecting to hxxps://ws01.mydom.com/, and stucks, all i can see is white blank page in browser. The log updating is , access_log and not ws01_access.log. The contents of access_log is ->
""GET / HXXP/1.1" 302 291 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; Tablet PC 2.0)""
2) hxxps://ws01.mydom.com/ -> its showing default fedora apache page, rather than redirecting to , hxxp://test.mydom.com:8080/. And only the below log getting updated on this time
a) ssl_request_log -> "TLSv1 AES128-SHA "GET /icons/poweredby.png HTTP/1.1" 299"
b) ssl_error_log -> "Directory index forbidden by Options directive: /var/www/html/" ,
"Symbolic link not allowed or link target not accessible: /var/www/icons/poweredby.png, referer: hxxps://192.168.1.172/"
c) ssl_access_log --> ""GET / HTTP/1.1" 403 3918" ,
""GET /icons/poweredby.png HTTP/1.1" 403 299"
I have no idea how to proceed from here, any help would be much appreciated.
What i expect is, the url need to be diverted to hxxp://test.mydom.com:8080/, when accessing from outside, either by http or by https.
8 More Discussions You Might Find Interesting
1. Linux
I have configured reverse proxy through apache...conf file is attached
My reverse proxy has a public ip.it is redirecting the request to 172.16.1.43 which is http
server.....Now i have a link in Http server's home page which will redirect the request to
another Lan zone machine... (0 Replies)
Discussion started by: dipanrc
0 Replies
2. UNIX for Dummies Questions & Answers
Hi
I am trying to set up two hosts in a reverse proxy. The reverse proxy already has 8 servers running perfectly, but they are all simply mapping pure addresses, which I have registered internally and externally.
The latest two I wish to add are a bit different, they are app servers, one... (1 Reply)
Discussion started by: rboekdrukker
1 Replies
3. UNIX for Advanced & Expert Users
Hi All,
I have a webpage loaded on server1 with authorization enabled by .htaccess, which can be accessed by http://ipofserver1/index.html. Now im planning a high availabilty load balancing in such a way that if the server1 is down due to some reason it should connect to another server. i have... (1 Reply)
Discussion started by: Tuxidow
1 Replies
4. UNIX for Advanced & Expert Users
Hi all,
The scenario is:
http://img834.imageshack.us/img834/7990/1234z.jpg
- With:
+ 192.168.100.0/24 : internet link (simulation)
+ Multiple Websites are hosting in local.
+ Complete DNS configuration.
+ OS: CentOS 5
- Requirements:
Configure Squid Proxy as... (0 Replies)
Discussion started by: kidzer0
0 Replies
5. Linux
Hi we have Centos Server and we have client machines using Ubuntu 12.04 and Win7,I Have Configured Squid only purposely for facebook denied, Cos User;s often being in fb so need to do it, have configured squid as transpernt , followed this How to install squid proxy on centos 6 steps to did it and... (1 Reply)
Discussion started by: babinlonston
1 Replies
6. Linux
Hi we have Centos Server and we have client machines using Ubuntu 12.04 and Win7,I Have Configured Squid only purposely for facebook denied, Cos User;s often being in fb so need to do it, have configured squid as transparent , followed this How to install squid proxy on centos 6 steps to did it and... (2 Replies)
Discussion started by: babinlonston
2 Replies
7. IP Networking
Hi, one member of WJ forum adviced that i setup an reverse proxy for my webserver. So im curious if anyone know about good, easy noob tutorial on hwo to achieve this, please link to this tutorial how to setup reverse proxy for an webserver.
Or better for whole node server with OpenVZ... (1 Reply)
Discussion started by: postcd
1 Replies
8. UNIX and Linux Applications
Hi All,
Hope this is the correct thread to ask this, if not, can an admin please move it to the correct thread.
Got a wee problem I hope someone can point me in the right direction.
I have Network A with two servers hosting separate webpages (I will call these WP1 & WP2). A DMZ server... (6 Replies)
Discussion started by: dakelly
6 Replies
LEARN ABOUT MOJAVE
net::ldap::control::managedsait5.18
Net::LDAP::Control::ManageDsaIT(3) User Contributed Perl Documentation Net::LDAP::Control::ManageDsaIT(3)
NAME
Net::LDAP::Control::ManageDsaIT - LDAPv3 Manage DSA-IT control object
SYNOPSIS
use Net::LDAP;
use Net::LDAP::Control::ManageDsaIT;
$ldap = Net::LDAP->new( "ldap.mydomain.eg" );
$manage = Net::LDAP::Control::ManageDsaIT->new( critical => 1 );
$msg = $ldap->modify( 'dc=sub,dc=mydomain,dc=eg",
changes => [
delete => { ref => 'ldap://ldap2/dc=sub,dc=mydom,dc=eg' },
add => { ref => 'ldap://ldap3/dc=sub,dc=mydom,dc=eg' } ],
control => [ $manage ] );
die "error: ",$msg->code(),": ",$msg->error() if ($msg->code());
DESCRIPTION
"Net::LDAP::Control::ManageDsaIT" provides an interface for the creation and manipulation of objects that represent the "ManageDsaIT"
control as described by RFC 3296.
It allows the manipulation of referral and other special objects as normal entries.
The control is appropriate for LDAP search, compare and all update requests, including add, delete, modify, and modifyDN (rename)
[RFC4511].
Its criticality may be TRUE or FALSE; it has no value.
CONSTRUCTOR ARGUMENTS
Since the "ManageDsaIT" control does not have any values only the constructor arguments described in Net::LDAP::Control are supported
METHODS
As there are no additional values in the control only the methods in Net::LDAP::Control are available for "Net::LDAP::Control::ManageDsaIT"
objects.
SEE ALSO
Net::LDAP, Net::LDAP::Control,
AUTHOR
Peter Marschall <peter@adpm.de>.
Please report any bugs, or post any suggestions, to the perl-ldap mailing list <perl-ldap@perl.org>
COPYRIGHT
Copyright (c) 2004 Peter Marschall. All rights reserved. This program is free software; you can redistribute it and/or modify it under the
same terms as Perl itself.
perl v5.18.2 2013-07-21 Net::LDAP::Control::ManageDsaIT(3)