From owner-freebsd-questions@FreeBSD.ORG Tue Oct 5 03:53:56 2010 Return-Path: Delivered-To: questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id DC685106566C for ; Tue, 5 Oct 2010 03:53:56 +0000 (UTC) (envelope-from djp@polands.org) Received: from hrndva-omtalb.mail.rr.com (hrndva-omtalb.mail.rr.com [71.74.56.125]) by mx1.freebsd.org (Postfix) with ESMTP id 98C148FC16 for ; Tue, 5 Oct 2010 03:53:56 +0000 (UTC) X-Authority-Analysis: v=1.1 cv=exbvkCqEOBXDkHq+8n3wanotOBQtbe7qbIajSD+JluU= c=1 sm=0 a=iv_FGcSvvugA:10 a=kj9zAlcOel0A:10 a=02fl1sNAWVw4WL3Wmu4WJA==:17 a=bqq2Vc5EAAAA:8 a=jku0EqVroq9wsDahKykA:9 a=sOAR8vtDUawjNQSb5d-_ZwRwGHQA:4 a=CjuIK1q_8ugA:10 a=5ERLOmoKdHQA:10 a=02fl1sNAWVw4WL3Wmu4WJA==:117 X-Cloudmark-Score: 0 X-Originating-IP: 75.87.219.217 Received: from [75.87.219.217] ([75.87.219.217:51664] helo=haran.polands.org) by hrndva-oedge01.mail.rr.com (envelope-from ) (ecelerity 2.2.3.46 r()) with ESMTP id 88/88-07458-351AAAC4; Tue, 05 Oct 2010 03:53:55 +0000 Received: from ararat.polands.org (ararat.polands.org [172.16.1.20]) by haran.polands.org (8.14.4/8.14.4) with ESMTP id o953rtXQ070519; Mon, 4 Oct 2010 22:53:55 -0500 (CDT) (envelope-from djp@polands.org) Received: from ararat.polands.org (localhost [127.0.0.1]) by ararat.polands.org (8.14.4/8.14.4) with ESMTP id o953rtDU033877; Mon, 4 Oct 2010 22:53:55 -0500 (CDT) (envelope-from djp@ararat.polands.org) Received: (from djp@localhost) by ararat.polands.org (8.14.4/8.14.4/Submit) id o953rsZ9033876; Mon, 4 Oct 2010 22:53:54 -0500 (CDT) (envelope-from djp) Date: Mon, 4 Oct 2010 22:53:54 -0500 From: Doug Poland To: Adam Vande More Message-ID: <20101005035354.GB8662@polands.org> References: <20101004221506.GA8662@polands.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.20 (2009-06-14) Cc: questions@freebsd.org Subject: Re: OT: Apache as reverse SSL proxy X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Oct 2010 03:53:56 -0000 On Mon, Oct 04, 2010 at 09:19:52PM -0500, Adam Vande More wrote: > On Mon, Oct 4, 2010 at 5:15 PM, Doug Poland wrote: >> >> Hello, >> >> I realize this is not a specific FreeBSD question, but a lot of >> knowledgeable apache admins hang around here. I am tasked with >> creating a reverse SSL proxy in a DMZ. A reverse proxy for http >> is simple, but I'm finding it challenging understanding all that >> needs to take place for apache 2.2.x to act as a reverse. >> >> I've done an extensive amount of googling and reading mod_proxy >> and mod_ssl docs, but to no avail. Can someone point me to some >> docs or configs? >> > > Save your brain, and your computer's memory. Use www/nginx or > www/pound. > What also complicates the matter is that the reverse proxy is supposed to act for several virtual hosts. The documentation for www/pound indicated "HTTPS does not allow virtual hosting". I seem to recall bumping into this issue in the past that one cannot do named-based vhosts on HTTPS. Look like it's back to the drawing board... -- Regards, Doug