Ssl – HTTPD proxypass ssl to http

apache-2.2 ssl tomcat

Essentially I am having httpd reroute http requests to a certain location subdomain.domain.com/folder to Tomcat (http://localhost:8080/app/). This works fine using the ProxyPass and ProxyPassReverse functionality. When doing this with https however, my Tomcat instance is complaining that it does not know how to deal with the secure connection. Basically I am trying to have requests that come in on https://subdomain.domain.com/folder to be decrypted by Apache and then sent over to http://localhost:8080/app/. The relevant virtual host I have set up is this:

I hope that is clear. If you need more clarification, I can provide it.

<VirtualHost *:443>

        #  General setup for the virtual host
        DocumentRoot "/srv/www/docroot/"
        ServerName subdomain.domain.com
        #ServerAdmin webmaster@example.com
        ErrorLog /var/log/apache2/mydomain-ssl-error_log
        TransferLog /var/log/apache2/mydomain-ssl-access_log

        #   SSL Engine Switch:
        #   Enable/Disable SSL for this virtual host.
        SSLEngine on

        SSLCertificateFile /etc/apache2/certs/my-cert.crt
        SSLCertificateKeyFile /etc/apache2/certs/my-key.key
        SSLCertificateChainFile /etc/apache2/certs/DigiCertCA.crt

        #   Turn on proxy engine so urls can be forwarded
        SSLProxyEngine on

        #   URLs to forward
        <Location /folder>
          ProxyPass http://localhost:8080/app/
          ProxyPassReverse http://localhost:8080/app/
        </Location>

        # 4 possible values: All, SSLv2, SSLv3, TLSv1. Allow TLS only:
        SSLProtocol all -SSLv2 -SSLv3

</VirtualHost>

Tomcat config:

<Connector port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8443" />
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
               keystoreFile="/usr/share/apache-tomcat-7.0.27/.keystore" keystorePass="Kurusawa701"
               maxThreads="150" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS" />

<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />

Best Answer

You don't provide the error message or a description of the Connection setup on the Tomcat side, so I'm guessing here:

Personally, I use AJP with Tomcat because it works better for my brain, or maybe I just have trouble with Java setups.
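
The AJP approach mentioned in the answer, written out as an added example that is not part of the original post or the answer author's own configuration. It assumes mod_ssl, mod_proxy and mod_proxy_ajp are loaded, reuses the host name, certificate paths and AJP port 8009 from the question, and the `address="127.0.0.1"` binding on the Tomcat side is an added assumption.

```apache
# Added example, not the poster's configuration.
# Apache terminates TLS and forwards the decrypted request to Tomcat's
# AJP connector (port 8009 in the question's server.xml).
<VirtualHost *:443>
    ServerName subdomain.domain.com

    # TLS ends here; Tomcat never sees the encrypted stream.
    SSLEngine on
    SSLProtocol all -SSLv2 -SSLv3
    SSLCertificateFile      /etc/apache2/certs/my-cert.crt
    SSLCertificateKeyFile   /etc/apache2/certs/my-key.key
    SSLCertificateChainFile /etc/apache2/certs/DigiCertCA.crt

    # SSLProxyEngine is only needed when the backend URL is https://,
    # so it is left out for an ajp:// (or http://) backend.

    # Reverse proxy only; never act as an open forward proxy.
    ProxyRequests Off

    # Keep the trailing slash the same on both sides of the mapping so
    # /folder/x becomes /app/x and not /app//x.
    <Location /folder/>
        ProxyPass ajp://localhost:8009/app/

        # AJP passes the original Host header and the "is SSL" flag, so
        # Tomcat builds redirects as https://subdomain.domain.com/app/...
        # Rewrite those Location headers back to the public /folder/ path.
        ProxyPassReverse https://subdomain.domain.com/app/

        # Session cookies are issued for Path=/app; move them to /folder
        # so the browser sends them back on the public URL.
        ProxyPassReverseCookiePath /app /folder
    </Location>
</VirtualHost>

# Tomcat side (server.xml), shown as a comment because it is XML.
# Binding the AJP connector to loopback (assumption: Apache and Tomcat
# share the host) keeps the unauthenticated AJP port off the network:
#
#   <Connector port="8009" protocol="AJP/1.3"
#              address="127.0.0.1" redirectPort="8443" />
```

Because the TLS state travels with each AJP request, the application sees the request as secure and its generated links and redirects keep the https scheme without extra connector attributes.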