I’m trying to set up my Apache server to work as a reverse proxy with an HTTPS backend service. Currently I have it working perfectly when connecting to HTTP backends.
My current working configuration in the virtual host on port 443 looks like this:
I get a 500 internal server error. The Apache error logs show these messages:
[error] [client 127.0.0.1] SSL Proxy requested for 127.0.0.1:443 but not enabled [Hint: SSLProxyEngine]
[error] proxy: HTTPS: failed to enable ssl support for [127.0.0.1]:8443 (127.0.0.1)
What configuration am I missing to make Apache talk to HTTPS backend servers properly?
oh interesting! are you running into any specific ssl cipher suite issues with your backend service? sometimes the default ssl settings dont play nice together. also curious - what version of apache are you using? i’ve seen some quirky behavior with older versions when handling ssl proxy connections.
yep, the error hints at needing SSLProxyEngine on. just toss that in your vhost config. if ur using self-signed certs, u might also wanna add SSLProxyCheckPeerName off to avoid cert check issues.
The error message indicates that you need to enable the SSL proxy engine in your Apache configuration to handle HTTPS backend connections. To do so, add SSLProxyEngine on within your virtual host configuration block. Furthermore, if your backend uses a self-signed certificate or you’re working with internal services, you may want to disable certificate verification with SSLProxyVerify none and SSLProxyCheckPeerCN off. Your updated configuration should look like this:
SSLProxyEngine on
SSLProxyVerify none
SSLProxyCheckPeerCN off
ProxyPass /app/service https://127.0.0.1:8443/service/
ProxyPassReverse /app/service https://127.0.0.1:8443/service/
This approach has previously resolved similar issues I faced when working with internal HTTPS services.