Setting up Apache Reverse Proxy over SSL
Apache Installation
1. Standalone Installation in Fedora-based systems
This is meant for Operating Systems such as RHEL and CentOS.
Use the following commands:
sudo yum install httpd mod_ssl
sudo yum install mod_proxy_html
Disabling SELinux
CentOS 7 and Red Hat Enterprise Linux 7 (RHEL 7) come with SELinux pre-installed. This must be disabled because SELinux blocks Apache from loading content outside default directories.
Alternatively, a custom policy can be added to SELinux, which is beyond the scope of this document.
Steps to disable SELinux follow:
Temporary (single session)
sudo setenforce 0
sudo sestatus
Check: Current mode: permissive
Permanent (needs reboot to work)
sudo vi /etc/selinux/config
- Change 'SELINUX=enforcing' to 'SELINUX=disabled'.
- Save the file.
2. Xampp/Lampp installation
This is meant for Operating Systems such as Windows and Linux.
Run the '.run' installer from the official Xampp website.
Firewall configurations will be set by default and the required mods will be enabled during installation.
Managing the Apache server for Lampp
Follow any one of the two options below:
- Go to the Lampp install dir and use the following commands accordingly:
To Start:
sudo ./<Install Dir>/lampp startapache
To Stop:
sudo ./<Install Dir>/lampp stopapache
To Restart:
sudo ./<Install Dir>/lampp restartapache
List status of all Lampp servers/services:
sudo ./<Install Dir>/lampp status
- Use Lampp GUI
Setting up the Virtual Host
1. Apache reverse proxy with SSL
For SSL-based Apache Reverse Proxy, put the template in the appropriate directory based on the installation, rename it and modify it as required.
Click template-ssl.conf to download the sample file to be used in the following sections.
Standalone Fedora
Target Path: /etc/httpd/conf.d/ssl.conf
Xampp
Target Path: /opt/lamp/etc/extra/httpd-ssl.conf
2. Apache reverse proxy with Mutual TLS
For SSL-based Apache Reverse Proxy, put the template in the appropriate directory based on the installation, rename it and modify it as required:
Click template-mtls.conf to download the sample file to be used in the following sections.
Standalone Fedora
Target Path: /etc/httpd/conf.d/ssl.conf
Xampp
Target Path: /opt/lamp/etc/extra/httpd-ssl.conf
Customizing the template Proxy Configuration
A passphrase file must be provided with executable permissions; a template of this file is provided for the passphrase 'fiorano'. Change it accordingly for the required use case. Every proxy server configuration template file provided has this setting enabled by default.
When the certificate is encrypted
Do the following in the proxy configuration:
Set the following directive:
SSLPassPhraseDialog exec:<Path to passphrase dialog file>/passphrase-file.conf
Click passphrase-file.conf for the sample file.
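Run in the terminal (owner-only permissions are enough to make the file executable, and they keep the passphrase unreadable and the file unmodifiable by other users):
sudo chmod 700 passphrase-file.conf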
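The check below is an added example, not part of the original page or its template files. It reads an Apache config, finds each active SSLPassPhraseDialog exec: helper, and verifies that the file is executable by its owner and closed to group and other, since httpd runs it at startup and it holds the key passphrase. The function name check_passphrase_helper is an assumption of this example.

```shell
#!/bin/sh
# Added example: audit the program named by "SSLPassPhraseDialog exec:<path>".
# httpd runs that program at startup to obtain the key passphrase, so it should
# be executable by its owner and closed to group and other (mode 700).
# Usage (after sourcing this file): check_passphrase_helper /etc/httpd/conf.d/ssl.conf

check_passphrase_helper() {
    conf=$1
    rc=0
    [ -r "$conf" ] || { echo "cannot read $conf" >&2; return 2; }

    # Active (uncommented) exec: directives only; "builtin" names no file.
    helpers=$(sed -n 's/^[[:space:]]*SSLPassPhraseDialog[[:space:]]\{1,\}exec:\(.*[^[:space:]]\)[[:space:]]*$/\1/p' "$conf")
    [ -n "$helpers" ] || { echo "no exec: helper configured in $conf"; return 0; }

    # One helper path per line (paths may contain spaces).
    while IFS= read -r helper; do
        # First 10 characters of ls output: file type plus rwx bits.
        mode=$(ls -ldn "$helper" 2>/dev/null | cut -c1-10)
        case $mode in
            -??x------)
                echo "OK   $helper ($mode)" ;;
            "")
                echo "FAIL $helper: file not found"; rc=1 ;;
            *)
                echo "FAIL $helper ($mode): want regular file, owner-executable, no group/other access"
                rc=1 ;;
        esac
    done <<EOF
$helpers
EOF
    return $rc
}
```

The function returns 0 when every helper passes (or none is configured), 1 when any helper fails, and 2 when the config file cannot be read.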
When the certificate is not encrypted
Comment out:
SSLPassPhraseDialog exec:<Path to passphrase dialog file>/passphrase-file.conf
Uncomment:
SSLPassPhraseDialog builtin