Mod Security (Reverse proxy with SSL)
-
Hello All,
I have Mod_Security working fine with HTTP(80)
But i need use mod_security with HTTPS(443) with Godaddy SSL.
I have the 3 files in /usr/local/apache22/etc/ (I have created this path):
Certificate File: www.mydomain.com.crt
Certificate Key File: www.mydomain.com.pem
Certificate Chain File: gb_bundle.crti setup new SiteProxy with these data:
Site Name: MyDomain SSL
Webmaster: email@domain.com
IP Address: xxx.xxx.xxx.xxx
Protocol: HTTPS
Port: 443
Certificate File: www.mydomain.com.crt
Certificate Key File: www.mydomain.com.pem
Certificate Chain File: gb_bundle.crt
Preserver Proxy Hostname: Uncheck
Primary Site Name: www.mydomain.com
WebServer backend URL: 192.168.0.1But its not work. What i need do?
*** If i add a Port Forward (NAT) to internal server on https port, its working fine. But i really need certificate.Thanks!
-
cosmo,
did you tried Certificate File and Certificate Key File with full path instead of just .crt and .pem filename?
-
Hello,
I got it working. It seems it's not possible to do reverse proxy on 443 and 80. I had to remove port 80 to get it working.
On proxy server settings is set port to bind to 443.
I removed the port 80 site proxy (with a config for port 80 and 443 it didn't work).You have to enter the file name only for certificate files (with full path it will search for /usr/local/apache22/etc/usr/local/apache22/etc/cert_file according to the log)
So i think there is a typo in the path they given under the option. You have to put your certificate files in /usr/local/etc/apache22/ instead of /usr/local/apache22/etc/When you add full path name apache will not run and there is no proxy at all.
You must not add a port forward in the NAT
Greetings.