2023年8月9日 星期三

Apache Reverse Proxy with SSL

憑證掛在 Reverse Proxy, 內部走 HTTP

<VirtualHost *:443>
ServerName test1.pank.org
ServerAdmin pank@pank.org
ErrorLog "/var/log/httpd/test1_error_log"
TransferLog "/var/log/httpd/test1_access_log"
SSLEngine on
ProxyPass / http://192.168.0.27/
ProxyPassReverse / http://192.168.0.27/
SSLProtocol all -SSLv2
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
SSLCertificateFile "/etc/httpd/conf.d/pank.org-crt.pem"
SSLCertificateKeyFile "/etc/httpd/conf.d/pank.org-key.pem"
SSLCertificateChainFile /etc/httpd/conf.d/chain.pem
</VirtualHost>

若後端有多台,建立多個 VirtualHost 區塊即可
Apache 預設就會帶 X-Forwarded-For 到 backend server,不用特別設定

沒有留言:

OpenVPN disconnect after 3.4.0

如果 OpenVPN 本來都連線正常,Server 也沒動,OpenVPN Client 升版到 3.4.0 以後的版本,就不能連了, 狀況是連上又斷線,一直重複 (repeat connect and disconnect) 我的環境 RouterOS 6.49.14 及 7....