Home / server / Questions / 388927
Accepted
Paul
Asked: 2012-05-15 07:03:29 +0800 CST

Apache ReverseProxyPass redrects to http rather than https

  • 772

I have a reverse proxy setup using apache mod_proxy:

<VirtualHost *:443>
   ServerName reverse.server.com  
   ProxyPass / http://10.1.9.11:3000/
   ProxyPassReverse / http://10.1.9.11:3000/
   ProxyPreserveHost on
   ...snip ssl stuff...
</VirtualHost>

This works fine most of the time. The problem is when the internal server does a redirect. While the proxypassreverse should catch the location, and it seems to, it redirects to http://reverse.server.com rather than to https://reverse.server.com. So it is half working, the address changes correctly, but the protocol stays as the internal server.

I am not clear on why it is doing this, as the proxied connection is SSL - any ideas?

apache-2.2 https reverse-proxy mod-proxy

2 Answers

  1. Best Answer

    ProxyPassReverse can not fix this kind of redirections. There are 2 ways to solve the problem:

    • Use HTTPS for the internal site. e.g. ProxyPass / https:... and ProxyPassReverse / https: (actually the last one is not required in your case).
    • Use mod_headers in the reverse proxy: Header edit Location ^http: https:
    • Use mod_rewrite in the reverse proxy to change the redirection.
    • 8

  2. I'm just experiencing the same issue. We found 2 ideas to try, dont know if it really works: 1/ use the RequestHeader set X-Forwarded-Protocol "https" => http://toroid.org/ams/etc/mixing-http-and-https

    2/ use the variable httpsindicatorheader (it's a websphere) to indicate through the application server that the initial request was https. Then every redirection will be on https

    • 0