The goal is that external users can connect via HTTPS, go through basic auth on Apache and then view a proxies tomcat site.
I have set up a reverse proxy to a tomcat server running on the same machine on a different port with basic auth: (/etc/httpd/conf.d/vhost.conf)
NameVirtualHost *:80
<VirtualHost *:80>
ServerName sub.domainx.co.uk
ErrorLog "/var/log/proxy/domainx_prox_error_log"
CustomLog "/var/log/proxy/domainx_prox_access_log" common
ProxyRequests Off
<Proxy *>
Order deny,allow
Deny from all
Allow from all
</Proxy>
<Location />
AuthType Basic
AuthName "Proxy Auth"
AuthUserFile /var/www/syzygy-auth/CONFLUENCE/.htpasswd
Require user ukuser
Satisfy any
Deny from all
Allow from 192.168.0.0/21
</Location>
ProxyPass / http://sub.domainx.co.uk:8090/
ProxyPassReverse / http://sub.domainx.co.uk:8090/
</VirtualHost>
The above works fine.
I then went about setting up mod_ssl on apache.
yum -y install mod_ssl
I then uploaded my wildcard ssl and made the dollowing changes to /etc/httpd/conf.d/ssl.conf
uncommented:
DocumentRoot "/var/www/html"
uncommented/updated:
ServerName www.server.world:443
SSLCertificateFile /etc/pki/tls/certs/server.crt
SSLCertificateKeyFile /etc/pki/tls/certs/server.key
These changes appear to have had the desired effect.
I can not view index.html via HTTPS and HTTP proxies the tomcat server.
When I add an identical vhost but with the port changed to 443 no changes take affect.
When I added SSLProxyEngine On apache would not start.
I got the following in the proxy error logs:
Fatal error initialising mod_ssl, exiting. See /var/log/proxy/domainx_prox_error_log for more information
Server should be SSL-aware but has no certificate configured
It turned out there was already a vhost in ssl.conf that was overiding my settings. School boy error.