[Solved] Setup of apache2 ssl reverse proxy

šŸš§ Installation
,
1

Hello!

This is my basic network map.

network-map

I setup one VM only for apache2 proxy, but cannot get it work with my two NC instancesā€¦ I setup one simple webpage on top on my proxy (192.168.1.200) and I can access it thru https (https://personal.freemyip.com). Second, I try to create one virtualhost linked to my nc1 (192.168.1.201):

<VirtualHost *:*>
    ServerName nc1.personal.freemyip.com
    ProxyPreserveHost On

    ProxyPass / http://192.168.1.201/
    ProxyPassReverse / http://192.168.1.201/

</VirtualHost>

After that, Iā€™ve create second virtualhost for https for the same backend (192.168.1.201)

<VirtualHost *:443>

        SSLEngine On

        # Set the path to SSL certificate
        # Usage: SSLCertificateFile /path/to/cert.pem
        Protocols h2 http/1.1
        ServerName nc1.personal.freemyip.com
        SSLCertificateFile /etc/letsencrypt/live/personal.freemyip.com/fullchain.pem
        SSLCertificateKeyFile /etc/letsencrypt/live/personal.freemyip.com/privkey.pem
        SSLCertificateChainFile /etc/letsencrypt/live/personal.freemyip.com/chain.pem
        Include /etc/letsencrypt/options-ssl-apache.conf
        SSLUseStapling on
        Header always set Strict-Transport-Security "max-age=31536000"

        ProxyPass / https://192.168.1.201/
        ProxyPassReverse / https://192.168.1.201/

</VirtualHost>

Same story for the other backend (192.168.1.2) :smiley:

When I try to open https://nc1.personal.freemyip.com Iā€™ve got Internal error 500.
cert-error

When http request isworking fine.

Can I take your advice, please? :slight_smile:

Best regards!

2

Hello friends,

I fix all the mess:

  1. I started with new vhost for the two NC instances
  2. I clear as much as possible the config.php file for the both NC instances
  3. I removed all ssl certs from the both NC instances
  4. Iā€™ve setup super simple new vhosts form the proxy side for the both instances
  5. After that I just generate new certs for the both NCs from the proxy side
  6. Iā€™ve do specific configs for the both NCs in config.php files

I hope this post will be helpful for someone :slight_smile:

Best regards!

3

Hello. Could you provide further details?

  1. What apache2 config did you start with?
  2. What did you remove, why did you leave what you did and what config.php did you end up with?
  3. What is your specific config?
  4. What specific things did you do and why?

I hope your answers will help someone.

Many thanks.