Visit The New, Modern Unix Linux Community

Special Forums IP Networking Proxy Server Httpd proxy on AIX: failed to connect SSL Post 303042274 by trifo75 on Friday 20th of December 2019 04:05:21 AM
Httpd proxy on AIX: failed to connect SSL

Hi,

I am trying to migrate a quite old proxy server with Apache httpd, running on AIX
The scenario is that my server accepts connections on http and proxies them to an SSL backend. This is done in a ProxyPass statement, as follows:
Code:
ProxyPass /myservice/my-ws https://mybackend.mycompany.com/app/myservice

When I try to access this service, I get an internal server error and there is an entry in the error log:
Code:
[Fri Dec 20 08:51:53.194111 2019] [proxy:error] [pid 20250630:tid 6683] AH00961: HTTPS: failed to enable ssl support for 10.148.0.139:443 (mybackend.mycompany.com)

The httpd version is 2.4.39 (perzl.org), running on AIX 7.1
I suspect that I would need to install CA certificates to be able to establish SSL connection, however the default value for SSLVerifyCert is none.

Tried to set the logging to higher value, but no relevant info came up (LogLevel was set from warn to debug). Is there a way to produce some more detailed log on this type of ssl handshake?

Thanks,
--Trifo
 
Test Your Knowledge in Computers #317
Difficulty: Easy
Ada Lovejoy is often considered the first computer programmer.
True or False?

7 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

How to connect to FTP server which requires SSL authentication?

Hello, I tried searching through lot of threads for a solution but couldn't fetch the exact solution, so I am creating a new thread. I am trying to connect to a FTP server 1) using a simple FTP command, it gives the error : 534 Policy requires SSL. Login failed. 2) using SFTP... (19 Replies)
Discussion started by: amitshete
19 Replies

2. AIX

AIX Remote Connect Fail With “No more multiple IP addresses to connect” Error

We have a production server at a client site running AIX. And recently when users are trying to connect to it via telnet, it prompts "No more multiple IP addresses to connect". Can I know what does this error mean? and how to rectify this? Thanks. (2 Replies)
Discussion started by: a_sim
2 Replies

3. Web Development

Apache proxy for web app with ssl

I have a ubuntu server running subsonic as a web app. Currently the web interface is available from port 4040 for https connections and 4141 for https connections with the context /subsonic as follows: http://mydomain:4040/subsonic https://mydomain:4141/subsonic I would like to loose the port... (0 Replies)
Discussion started by: barrydocks
0 Replies

4. Web Development

Http connect to proxy to websockets

I am having a hard time with this one. We have a websocket server listening on port 80 at myserver.com/wsDemo?ID=12. We need to test a client program by connecting it to this server through a proxy. I am trying nginx 1.2.7 as the proxy on port 8080, running on proxy-server. We want the client to... (1 Reply)
Discussion started by: glev2005
1 Replies

5. Web Development

Httpd proxy with mod_jk,ssl only on login page using .htacess

Hi all, I have a web app with the following pages, browse.jsp and shopping.jsp. I want to protect shopping.jsp with https. (https is only between browser and apache httpd server.)The https for the shopping.jsp page will terminate at the web server. From web server to tomcat application server... (0 Replies)
Discussion started by: new2ss
0 Replies

6. Programming

Failed SSL Connection Attempt

The below error message I started seeing using Ubuntu 14.04 and was wondering if the forum has seen it because I cant seem much on the net for this: perl -e 'use IO::Socket::SSL qw(debug3);IO::Socket::SSL->new(PeerAddr=>"10.0.0.100",PeerPort=> 443,Proto=>"TCP") or die $!' DEBUG:... (1 Reply)
Discussion started by: metallica1973
1 Replies

7. Red Hat

Proxy tunneling failed: ForbiddenUnable to establish SSL connection.

Tryied both ways curl and wget wget --no-check-certificate https://mysitet.it:61617 --2017-05-05 17:29:02-- https://mysitet.it:61617/ Connecting to myproxy:8080... connected. Proxy tunneling failed: ForbiddenUnable to establish SSL connection. curl https://mysite.it:61617 curl: (56)... (3 Replies)
Discussion started by: charli1
3 Replies
ssh-socks5-proxy-connect(1)					   User Commands				       ssh-socks5-proxy-connect(1)

NAME
ssh-socks5-proxy-connect - Secure Shell proxy for SOCKS5 SYNOPSIS
/usr/lib/ssh/ssh-socks5-proxy-connect [-h socks5_proxy_host] [-p socks5_proxy_port] connect_host connect_port DESCRIPTION
A proxy command for ssh(1) that uses SOCKS5 (RFC 1928). Typical use is where connections external to a network are only allowed via a socks gateway server. This proxy command does not provide any of the SOCKS5 authentication mechanisms defined in RFC 1928. Only anonymous connections are possi- ble. OPTIONS
The following options are supported: -h socks5_proxy_host Specifies the proxy web server through which to connect. Overrides the SOCKS5_SERVER environment variable. -p socks5_proxy_port Specifies the port on which the proxy web server runs. If not specified, port 80 is assumed. Overrides the SOCKS5_PORT environment variable. OPERANDS
The following operands are supported: socks5_proxy_host The host name or IP address (IPv4 or IPv6) of the proxy. socks5_proxy_port The numeric port number to connect to on socks5_proxy_host. connect_host The name of the remote host to which the socks gateway is to connect you. connect_port The numeric port number of the socks gateway to connect you to on connect_host. EXAMPLES
The recommended way to use a proxy connection command is to configure the ProxyCommand in ssh_config(4) (see Example 1 and Example 2). Example 3 shows how the proxy command can be specified on the command line when running ssh(1). Example 1 Setting the proxy from the environment The following example uses ssh-socks5-proxy-connect in ssh_config(4) when the proxy is set from the environment: Host playtime.foo.com ProxyCommand /usr/lib/ssh/ssh-socks5-proxy-connect playtime.foo.com 22 Example 2 Overriding proxy environment variables The following example uses ssh-socks5-proxy-connect in ssh_config(4) to override (or if not set) proxy environment variables: Host playtime.foo.com ProxyCommand /usr/lib/ssh/ssh-socks5-proxy-connect -h socks-gw -p 1080 playtime.foo.com 22 Example 3 Using the command line The following example uses ssh-socks5-proxy-connect from the ssh(1) command line: example$ ssh -o'ProxyCommand=/usr/lib/ssh/ssh-socks5-proxy-connect -h socks-gw -p 1080 playtime.foo.com 22' playtime.foo.com ENVIRONMENT VARIABLES
SOCKS5_SERVER Takes socks5_proxy_host operand to specify the default proxy host. SOCKS5_PORT Takes socks5_proxy_port operand to specify the default proxy port. EXIT STATUS
The following exit values are returned: 0 Successful completion. 1 An error occurred. ATTRIBUTES
See attributes(5) for descriptions of the following attributes: +-----------------------------+-----------------------------+ | ATTRIBUTE TYPE | ATTRIBUTE VALUE | +-----------------------------+-----------------------------+ |Availability |SUNWsshu | +-----------------------------+-----------------------------+ |Interface Stability |Stable | +-----------------------------+-----------------------------+ SEE ALSO
ssh(1), ssh-http-proxy-connect(1), ssh_config(4), attributes(5) SunOS 5.11 30 Oct 2002 ssh-socks5-proxy-connect(1)

Featured Tech Videos

All times are GMT -4. The time now is 02:44 AM.
Unix & Linux Forums Content Copyright 1993-2020. All Rights Reserved.
Privacy Policy