httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rajesh Cherukuri <rajec...@gmail.com>
Subject Re: [users@httpd] Apache2.4 forward proxy ssl between client and proxy server
Date Tue, 10 Apr 2018 11:31:44 GMT
configured HTTPS on 8080 port and here is the request sent to HTTP and
HTTPS found two things by running curl with --insecure


1.) for all HTTP requests  i get 400 bad requests as response
2.) for all HTTPS requests i get HTTP/1.1 400 Bad Request


below is the output


curl --insecure -I -x *https://172.16.130.2:8080
<https://172.16.130.2:8080> http://crl3.digicert.com
<http://crl3.digicert.com>*
*HTTP/1.1 400 Bad Request*
Date: Tue, 10 Apr 2018 11:08:44 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
Content-Length: 362
Connection: close
Content-Type: text/html; charset=iso-8859-1

 curl --insecure -I -x *https://172.16.130.2:8080
<https://172.16.130.2:8080> https://example.com <https://example.com>*
curl: (56) Proxy CONNECT aborted





*error log for https requests (**https://example.com <https://example.com>)*


[Tue Apr 10 12:12:44.768286 2018] [ssl:info] [pid 13353] [client
172.16.135.4:56408] AH01964: Connection to child 1 established (server
testnew1..com:443)
[Tue Apr 10 12:12:44.769907 2018] [ssl:info] [pid 13353] [client
172.16.135.4:56408] AH02008: SSL library error 1 in handshake (server
testnew1..com:443)
[Tue Apr 10 12:12:44.770033 2018] [ssl:info] [pid 13353] SSL Library Error:
error:1407609B:SSL routines:SSL23_GET_CLIENT_HELLO:https proxy request --
speaking HTTP to HTTPS port!?
[Tue Apr 10 12:12:44.770074 2018] [ssl:info] [pid 13353] [client
172.16.135.4:56408] AH01998: Connection closed to child 1 with abortive
shutdown (server testnew1..com:443

----------------------

*Error Log for HTTP request (*
*http://crl3.digicert.com <http://crl3.digicert.com>)*[Tue Apr 10
12:14:41.387149 2018] [ssl:info] [pid 13354] [client 172.16.135.4:56410]
AH01964: Connection to child 2 established (server testnew1.com:443)
[Tue Apr 10 12:14:41.387647 2018] [ssl:info] [pid 13354] [client
172.16.135.4:56410] AH01996: SSL handshake failed: HTTP spoken on HTTPS
port; trying to send HTML error page
[Tue Apr 10 12:14:41.387704 2018] [ssl:info] [pid 13354] SSL Library Error:
error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request -- speaking
HTTP to HTTPS port!?





*virtual host configuration *



Listen 172.16.130.2:8080

<VirtualHost  172.16.130.2:8080>

 ServerName      testnew1.com



ProxyRequests On
ProxyVia On
SSLProxyEngine On
SSLEngine On
SSLProxyVerify none
SSLCertificateFile 1.cert
SSLCertificateKeyFile 1.key
#AllowConnect 80 443 1080 8082
ProxyPreserveHost On
<Proxy "*">
<RequireAny>
     Require expr %{HTTP_HOST} =~ /^example.com:443$/
     Require expr %{HTTP_HOST} =~ /^crl3.digicert.com:80$/
 </RequireAny>

</Proxy>

</VirtualHost>

Mime
View raw message