jboss (http) + apache (https). mod rewrite?

         

pollopinolo

3:08 pm on Dec 17, 2009 (gmt 0)

I have two linux servers:
debian01
debian02

debian02 is the application server and runs a webapp under jboss using http protocol.
debian01 is the reverse proxy (through http protocol) and runs apache with mod_proxy and mod_deflate enabled.
Here is the simple scheme:
Browser (firefox) -> Apache proxy (http:80) <--> jboss app-server (http:8080)

The architecture works fine and fast.

Now, I am going to implement an SSL connection to the Apache proxy.
The JBoss configuration cannot be modified, so I can act only on the Apache conf.
The scheme could be the following:
Browser (firefox) -> Apache proxy (https:443) <--> jboss app-server (http:8080)

I have enabled the SSL engine on Apache, but some URLs (especially when I click on links) do not come back correctly, because they return with the http prefix (not https). If I manually edit the URL in the browser, adding "s" after http, the link is correctly reached.

I believe that the right way to overcome this problem is to use the rewrite engine, in order to substitute all the http prefixes with https, but I am not really sure that is the right choice.
After a lot of tests and googling, I was not able to find a solution.

Have you got any idea?
Any suggestion will be appreciated.

Thanx,
Fabio from Italy

P.S. I'm a newbie, please don't tell me RTFM :)

jdMorgan

3:50 pm on Dec 17, 2009 (gmt 0)

What version of Apache are you on?

Jim

pollopinolo

4:19 pm on Dec 17, 2009 (gmt 0)

Apache 2.2.14-3 on debian squeeze x86_64

jdMorgan

4:40 pm on Dec 17, 2009 (gmt 0)

It sounds to me as if your ProxyPass (and/or ProxyPassMatch) and ProxyPassReverse configuration is incomplete, since the 'public' URLs seen in the user's browser should not be expected to 'mention' the back-end server or its protocol. So perhaps you have not completely defined the URL-set which should be reverse-proxied to the back-end.

Basically, *all* URLs which should be sent to the back-end server must be defined in the ProxyPass (and/or ProxyPassMatch) and ProxyPassReverse directives.

Jim

pollopinolo

5:00 pm on Dec 17, 2009 (gmt 0)

Here is the actual proxy config section and the SSL one:

NameVirtualHost 172.16.0.13

<VirtualHost 172.16.0.13>
# proxy ############################################
<proxy>
Order deny,allow
Allow from all
</proxy>
ProxyRequests Off
ProxyPreserveHost On
ProxyVia On
#http://172.16.0.15:8080/ is the application server
ProxyPass / http://172.16.0.15:8080/
ProxyPassReverse / http://172.16.0.15:8080/
ServerPath /app/
####################################################

# secure socket layer ###################################################
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
SSLCertificateFile /etc/apache2/ssl.crt/cqop.crt
SSLCertificateKeyFile /etc/apache2/ssl.key/cqop.key
SSLCACertificateFile /etc/apache2/ssl.crt/CA.crt
#########################################################################
</VirtualHost>

Something wrong/missing?

Remember that if I disable ssl engine it works fine!
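
The following is an added example, not part of the thread or of any poster's configuration: one way to lay out the TLS-terminating proxy so that redirects issued by the back end come back as https. It assumes the stray http:// URLs arrive in redirect headers, and `www.example.com` is a placeholder for the public host name; the addresses and certificate paths are the ones in the post.

```apache
# Added example. www.example.com is a placeholder for the public host name.
# Needs mod_ssl, mod_proxy, mod_proxy_http and mod_alias (for Redirect).

# Plain-HTTP listener: any request that still arrives on port 80 is sent
# to the HTTPS site instead of being answered in clear text.
<VirtualHost 172.16.0.13:80>
    ServerName www.example.com
    Redirect permanent / https://www.example.com/
</VirtualHost>

# TLS terminates here; the hop to JBoss stays plain HTTP on the internal network.
<VirtualHost 172.16.0.13:443>
    ServerName www.example.com

    SSLEngine on
    # SSLProtocol and SSLCipherSuite lines as in the post go here.
    SSLCertificateFile    /etc/apache2/ssl.crt/cqop.crt
    SSLCertificateKeyFile /etc/apache2/ssl.key/cqop.key
    SSLCACertificateFile  /etc/apache2/ssl.crt/CA.crt

    ProxyRequests Off
    ProxyPreserveHost On
    ProxyPass / http://172.16.0.15:8080/

    # Rewrites redirects that name the back end by its own address.
    ProxyPassReverse / http://172.16.0.15:8080/

    # With ProxyPreserveHost On the back end receives the public Host header
    # and builds its redirects as http://www.example.com/... That prefix does
    # not match the mapping above, so the header would pass through unchanged.
    # This second mapping matches it; mod_proxy then rebuilds the URL using
    # the scheme of the front-end request, which is https in this vhost.
    ProxyPassReverse / http://www.example.com/
</VirtualHost>
```

ProxyPassReverse only rewrites response headers (Location, Content-Location and URI), so absolute http:// links written into the HTML body are not changed by it; the port 80 redirect sends those requests back to HTTPS after the click.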