Setting up Apache reverse proxy for HTTPS backend services

I’m having trouble with my Apache reverse proxy setup when trying to connect to an HTTPS backend.

My current configuration works perfectly when I point to HTTP backends:

ProxyPass /api/service http://127.0.0.1:8080/service/
ProxyPassReverse /api/service http://127.0.0.1:8080/service/

Users can access this via https://mydomain.com/api/service without any issues.

However, when I try to modify the config to use HTTPS for the backend:

ProxyPass /api/service https://127.0.0.1:8443/service/
ProxyPassReverse /api/service https://127.0.0.1:8443/service/

I get a 500 internal server error. The Apache error logs show:

[error] proxy: HTTPS: failed to enable ssl support for [::1]:8443 (mydomain.com)
[error] [client ::1] SSL Proxy requested for mydomain.com:443 but not enabled [Hint: SSLProxyEngine]

What configuration am I missing to make Apache communicate properly with HTTPS backend servers? The error message mentions SSLProxyEngine but I’m not sure how to implement this correctly.

same thing happened to me too! your error log says it all - you need to add SSLProxyEngine on in your vhost config. apache needs that to connect to ssl backends. also, make sure mod_ssl is enabled, or it won’t work.

Interesting setup! Are you using self-signed certs on the backend? SSL handshake often fails when Apache can’t verify the cert chain. Try adding SSLProxyVerify none like DancingButterfly suggested. Also, why’d you switch from HTTP to HTTPS for backend communication?

To resolve your issue, you must enable SSL proxy features in Apache. In your virtual host configuration, include SSLProxyEngine on. If your backend server uses self-signed certificates or if the certificates do not match the localhost name, you should also add SSLProxyVerify none and SSLProxyCheckPeerCN off. These adjustments should correct the 500 internal server error that you are facing. After implementing these changes, don’t forget to restart Apache.