Apache Reverse Proxy

by K8CTR

Posted Thursday, April 10, 2014 3:00 PM

For hosting multiple servers (Gitlab and some dev servers) through a single router port forward, I used the following configuration on a local Apache instance. There was a bit of an SSL issue which seemed to resolve when the reverse proxy hosted the SSL certificates for the configured domain as well. GitLab has a page on setting up https here.

SSL Cert

The SSL cert and private keys were generated on the destination server, then copied to the reverse proxy.

openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout sub.example.com.key -out sub.example.com.crt


NameVirtualHost *:443

Virtual Host (sites-available/000-default.conf)

    <VirtualHost *:80>
        ServerName sub.example.com
        ServerAdmin josh@example.com
        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
        LogLevel error
        SSLProxyEngine on
        ProxyPreserveHost On
        ProxyRequests off 
        ProxyPass /
        ProxyPassReverse / 

    <IfModule mod_ssl.c>
        <VirtualHost *:443>
            ServerName sub.example.com
            SSLEngine On
            SSLProxyEngine On
            ProxyRequests Off
            SSLCertificateFile /etc/apache2/ssl/sub.example.com.crt
            SSLCertificateKeyFile /etc/apache2/ssl/sub.example.com.key
            #SSLCertificateChainFile /etc/apache2/ssl/sub.class1.server.ca.pem
            SSLCACertificateFile /etc/apache2/ssl/sub.example.com.crt
            SetOutputFilter INFLATE;proxy-html;DEFLATE;
            ProxyHTMLInterp On
            ProxyHTMLExtended On
            ProxyHTMLURLMap (.*)*) https://sub.example.com$2 [Rin]
            ProxyPass /
            ProxyPassReverse /

Labels: , ,