141

I configured apache server as a reverse proxy and it works fine if I point a backend server as HTTP. That is:

I configured virtual host 443 like:

ProxyPass /primary/store http://localhost:9763/store/
ProxyPassReverse /primary/store http://localhost:9763/store/

Here users will access the server like https://localhost/primary/store

And this works fine... But I want to configure HTTP server like;

ProxyPass /primary/store https://localhost:9443/store/
ProxyPassReverse /primary/store https://localhost:9443/store/

When I configure like apache server gives 500 internal server error. What am I doing wrong here?

The error I get is:

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator, you@example.com and inform them of the time the error occurred, and anything you might have done that may have caused the error.

More information about this error may be available in the server error log.

In the apache error log it states;

nt: SSLProxyEngine]
[Mon Aug 04 00:03:26 2014] [error] proxy: HTTPS: failed to enable ssl support for [::1]:9443 (localhost)
[Mon Aug 04 00:03:31 2014] [error] [client ::1] SSL Proxy requested for localhost:443 but not enabled [Hint: SSLProxyEngine]
[Mon Aug 04 00:03:31 2014] [error] proxy: HTTPS: failed to enable ssl support for [::1]:9443 (localhost)
[Mon Aug 04 00:03:51 2014] [error] [client ::1] SSL Proxy requested for localhost:443 but not enabled [Hint: SSLProxyEngine]
[Mon Aug 04 00:03:51 2014] [error] proxy: HTTPS: failed to enable ssl support for [::1]:9443 (localhost)

How to configure http server to talk to HTTPS server?

Arnaud
  • 7,259
  • 10
  • 50
  • 71
Ratha
  • 9,434
  • 17
  • 85
  • 163

2 Answers2

296

Your server tells you exactly what you need : [Hint: SSLProxyEngine]

You need to add that directive to your VirtualHost before the Proxy directives :

SSLProxyEngine on
ProxyPass /primary/store https://localhost:9763/store/
ProxyPassReverse /primary/store https://localhost:9763/store/

See the doc for more detail.

Cédric Couralet
  • 4,913
  • 1
  • 21
  • 21
  • 9
    Thanks that works perfectly..I missed to put SSLProxyEngine on parameter. – Ratha Aug 03 '14 at 18:51
  • 1
    My SSLProxyEngine is on as well as ssl module is enabled still getting [Tue Nov 17 12:19:39.061224 2015] [proxy:error] [pid 8381:tid 140148180240128] AH00961: HTTPS: failed to enable ssl support for 182.161.73.67:443 (gum.criteo.com) – Ashish Karpe Nov 17 '15 at 12:28
  • 1
    [Tue Nov 17 12:19:40.322610 2015] [ssl:error] [pid 5485:tid 140148287219456] [remote 103.229.140.67:443] AH01961: SSL Proxy requested for localhost:80 but not enabled [Hint: SSLProxyEngine] – Ashish Karpe Nov 17 '15 at 12:40
  • 3
    Thanks... just adding `SSLProxyEngine on` after `SSLEngine on` on httpd-ssl.conf file and works like a charm! – equiman Apr 11 '17 at 23:11
  • Hi all...how to proxy the request only if Apache has the needed certificates ? thanks – Diego Ramos Jan 15 '21 at 19:33
1

In my case, my server was configured to work only in https mode, and error occured when I try to access http mode. So changing http://my-service to https://my-service helped.

nurb
  • 325
  • 3
  • 6