Strip SSL with Apache mod_proxy part one
Today I faced a challenging situation. I needed to strip SSL from HTTP requests to one of our server platforms and send them to another server without SSL. We use a little tip, Apache mod_proxy, to implement this functionality.
Requirements
We need Apache with:
1. DSO support compiled (with mod_proxy support)
2. SSL certificate
3. configuration for Virtual Hosting
4. configuration for mod_proxy
By default our Apache installations are version 2.2.3 with DSO support. This means that if we have mod_proxy compiled for Apache 2.2.3, we can use it without recompiling Apache from source by simply putting it in /usr/local/apache2/modules. If you need to compile a new Apache instance, use the following configure options:
./configure --enable-mods-shared=all --enable-so --enable-ssl --enable-proxy-connect --enable-proxy-http \
--enable-proxy --prefix=/usr/local/apache2
Next step is to generate a new SSL certificate. If you are not sure what you are doing I would recommend that you read these two articles first.
What is SSL
Create Self signed SSL
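Briefly, this is what you need to do:
# Create a new private key (written to privkey.pem, passphrase-protected) and a certificate signing request
openssl req -new > new.cert.csr
# Write a copy of the key without the passphrase so Apache can start unattended; keep this file readable by root only
openssl rsa -in privkey.pem -out new.cert.key
# Self-sign the request with that key; the certificate is valid for 365 days
openssl x509 -in new.cert.csr -out new.cert.cert -req -signkey new.cert.key -days 365
# Copy the certificate and the key into Apache's configuration directory
mkdir /usr/local/apache2/conf/ssl/
cp new.cert.cert /usr/local/apache2/conf/ssl/server.crt
cp new.cert.key /usr/local/apache2/conf/ssl/server.key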
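The same steps can be run without prompts and followed by checks that the certificate and key belong together before Apache loads them. This is an added example, not part of the original post: the function names, the 2048-bit key size, the use of `-nodes` in place of the separate passphrase-removal step, and the sample arguments are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post). Function names, key size and the
# sample arguments are assumptions chosen for illustration.

# make_selfsigned DIR CN: create DIR/server.key (no passphrase, owner-only)
# and a self-signed DIR/server.crt valid for 365 days, as in the steps above.
make_selfsigned() {
    dir=$1 cn=$2
    mkdir -p "$dir" || return 1
    # Subshell keeps the restrictive umask from leaking into the caller.
    (
        umask 077
        openssl req -new -newkey rsa:2048 -nodes -subj "/CN=$cn" \
            -keyout "$dir/server.key" -out "$dir/server.csr" 2>/dev/null &&
        openssl x509 -req -in "$dir/server.csr" -signkey "$dir/server.key" \
            -days 365 -out "$dir/server.crt" 2>/dev/null
    )
}

# cert_matches_key CRT KEY: succeed only if both carry the same RSA modulus.
# A mismatched pair prevents mod_ssl from starting.
cert_matches_key() {
    crt_mod=$(openssl x509 -noout -modulus -in "$1" 2>/dev/null) || return 2
    key_mod=$(openssl rsa -noout -modulus -in "$2" 2>/dev/null) || return 2
    [ -n "$crt_mod" ] && [ "$crt_mod" = "$key_mod" ]
}

# key_is_private KEY: succeed only if group and others have no access at all.
key_is_private() {
    perms=$(ls -l "$1" | cut -c5-10)
    [ "$perms" = "------" ]
}

# cert_valid_for CRT DAYS: succeed if CRT is still valid DAYS days from now.
cert_valid_for() {
    openssl x509 -noout -checkend $(( $2 * 86400 )) -in "$1" >/dev/null
}

# Run as: sh script.sh /usr/local/apache2/conf/ssl www.example.com
if [ "$#" -eq 2 ]; then
    make_selfsigned "$1" "$2" &&
    cert_matches_key "$1/server.crt" "$1/server.key" &&
    key_is_private "$1/server.key" &&
    cert_valid_for "$1/server.crt" 30 &&
    echo "certificate and key in $1 are consistent"
fi
```

The three check functions also work on the files produced by the manual commands, for example `cert_matches_key new.cert.cert new.cert.key`.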
We need to make some minor changes to the httpd configuration before Apache can run with SSL support.
Open the Apache config file with your favorite editor.
vi /usr/local/apache2/conf/httpd.conf
You need to uncomment the line
# Include conf/extra/httpd-ssl.conf
Then we can start with httpd.conf and httpd-ssl.conf configurations.
By default we need at least two virtual hosts, one for HTTP and a second for HTTPS.
So, in httpd.conf, after the line
Listen 80
add:
NameVirtualHost *:80
At the end of httpd.conf we need to add a Virtual Host configuration that will process HTTP requests. You can use something like this:
<VirtualHost *:80>
# Replace the placeholder below with this server's name, usually its IP address or hostname
ServerName server.example.com
DocumentRoot /var/www/html
</VirtualHost>
This is the end of part one of Strip SSL with Apache mod_proxy tutorial. Part two is available here: Strip SSL with Apache mod_proxy part two
