https://github.com/0xh3xa/apache-httpd-reverse-proxy

Configure Apache2 httpd as Reverse proxy with https support
https://github.com/0xh3xa/apache-httpd-reverse-proxy

apache2-httpd configuration encryption httpd https letsencrypt reverse-proxy server ssl tomcat8

Last synced: 9 months ago
JSON representation

Configure Apache2 httpd as Reverse proxy with https support

• Host: GitHub
• URL: https://github.com/0xh3xa/apache-httpd-reverse-proxy
• Owner: 0xh3xa
• Created: 2019-05-19T19:27:05.000Z (over 6 years ago)
• Default Branch: master
• Last Pushed: 2020-05-23T14:38:27.000Z (over 5 years ago)
• Last Synced: 2023-11-18T03:21:32.467Z (about 2 years ago)
• Topics: apache2-httpd, configuration, encryption, httpd, https, letsencrypt, reverse-proxy, server, ssl, tomcat8
• Size: 12.7 KB
• Stars: 1
• Watchers: 2
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
# Apache-http-reverse-proxy

### How to configure Apache 2 httpd as Reverse proxy in front of the tomcat java web application with SSL by Let's Encrypt?

```

Let’s Encrypt is a free, automated, and open certificate authority (CA), run for the public’s benefit. It is a service provided by the Internet Security Research Group (ISRG).

We give people the digital certificates they need in order to enable HTTPS (SSL/TLS) for websites, for free, in the most user-friendly way we can. We do this because we want to create a more secure and privacy-respecting Web.

```

`for more info`: https://letsencrypt.org/

![alt text](https://letsencrypt.org/images/le-logo-twitter.png)

You will cofigure the firewalld to allow only HTTPS port 443 and then the HTTPd will handle the request and redirect it to the tomcat internal server which is working on port 8080

1. Install and configure Let's encrypt with apache-httpd

```

# yum install certbot python2-certbot-apache

```

, The installed **SSL Certificate** file in path `/etc/letsencrypt/live/exmple.com/fullchain.pem`

, The installed **SSLCertificateKeyFile** `/etc/letsencrypt/live/exmple.com/privkey.pem`

2. Configure the `firewalld` to allow only HTTPS port 443

```

# firewall-cmd --permanent --zone=public --remove-port=80/tcp

# firewall-cmd --permanent --zone=public --remove-port=8080/tcp 

# firewall-cmd --permanent --zone=public --add-port=443/tcp

# firewall-cmd --permanent --zone=public --remove-service=http

# firewall-cmd --permanent --zone=public --add-service=https

# firewall-cmd --reload 

```

3. Configure apache-httpd will handle the request and redirect it to the tomcat internal server which is working on port 8080 in `/etc/httpd/conf.d/example.conf`

This will redirect the incoming request on port 443 to tomcat which is listening on port 8080

```

        

          ServerName exmple.com

          ServerAlias *exmple.com

          ServerAdmin user@gmail.com

          ProxyPreserveHost On

          ProxyRequests off

          AllowEncodedSlashes NoDecode

          

             Order deny,allow

             Allow from all 

          

          SSLEngine on

          SSLCertificateFile /etc/letsencrypt/live/exmple.com/fullchain.pem

          SSLCertificateKeyFile /etc/letsencrypt/live/exmple.com/privkey.pem

          Include /etc/letsencrypt/options-ssl-apache.conf

          ProxyPass / http://localhost:8080/ nocanon

          ProxyPassReverse / http://localhost:8080/

          LogLevel debug

          ErrorLog ${APACHE_LOG_DIR}/error.log

          CustomLog ${APACHE_LOG_DIR}/access.log combined

        

```