Ssl – How to force Apache to use HTTPS in conjunction with AJP

apache-2.2httpsssltomcat

We have an Apache web site, with certain portions powered by JBoss. The question is, how can we get Apache to force all HTTP requests to be re-directed to the HTTPS equivalent?

On our old server (CentOS 4, Apache 2.0, mod_jk), we have the following configuration:

<VirtualHost 1.2.3.4:80>
Redirect / https://www.foo.com/
</VirtualHost>

This works great — any requests to a PHP, vanilla HTML, or JBoss-powered web page get re-directed. However, on our new server (CentOS 5, Apache 2.2, mod_proxy_ajp), the same configuration only works for vanilla pages — not for anything being sent to JBoss using AJP.

I also tried the following, which I found at http://www.webmasterworld.com/apache/3050511.htm:

<Proxy *>
    RewriteEngine on
    RewriteCond %{SERVER_PORT} !^443$
    RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]
</Proxy>

But still no luck. I feel like I'm missing something obvious. Any help?

P.S. I am not in any way an Apache expert. I apologize if this turns out to be a beginner question :-P.

Best Answer

If I understand you correctly, you want to upgrade all http requests to https. If this is correct try this

<VirtualHost ip:80>
   ServerName www.company.com

   RedirectMatch permanent ^(.*)$ https://www.company.com$1
</VirtualHost>

<VirtualHost ip:443>
   ServerName www.company.com

   Include vhosts.d/includes/ssl.conf

   # assumes you want to proxy everything on this vhost to jboss:8009
   <Location / >
       ProxyPass ajp://jboss:8009/
   </Location>
</VirtualHost>
Related Topic