Discussion:
[Wt-interest] SSL under reverse proxy
Aarón Bueno Villares
2016-09-16 19:21:45 UTC
Permalink
I'm having issues adding SSL support to my Wt site. My certificate works
fine under Apache though (tested on another PHP site with same domain). Is
it possible to make the Wt application non-SSL, and delegates the
certificates management to Apache?

Browser <--- (HTTPS) ---> Apache 2.4.7 (Reverse proxy)
^
| (HTTP)

------------------------------> Wt Application (3.3.4)

A sample configuration please? I've never configured a reverse proxy.

My Apache server uses a multidomain Let's Encrypt certificate with about
fifteen domains, so, we have just one certificate for all of my name-based
VirtualHosts. I want Apache is the HTTPS front-end for my local Wt
Application, running under port 11000, and the communication between Apache
and Wt being HTTP.
Nagaev Boris
2016-09-16 19:30:48 UTC
Permalink
Hi Aaron,

It is possible to run wt in this configuration. It works for me with nginx
in place on Apache.

16 сеМт. 2016 г. 20:23 пПльзПватель "Aarón Bueno Villares" <
Post by Aarón Bueno Villares
I'm having issues adding SSL support to my Wt site. My certificate works
fine under Apache though (tested on another PHP site with same domain). Is
it possible to make the Wt application non-SSL, and delegates the
certificates management to Apache?
Browser <--- (HTTPS) ---> Apache 2.4.7 (Reverse proxy)
^
| (HTTP)
------------------------------> Wt Application (3.3.4)
A sample configuration please? I've never configured a reverse proxy.
My Apache server uses a multidomain Let's Encrypt certificate with about
fifteen domains, so, we have just one certificate for all of my name-based
VirtualHosts. I want Apache is the HTTPS front-end for my local Wt
Application, running under port 11000, and the communication between Apache
and Wt being HTTP.
------------------------------------------------------------
------------------
_______________________________________________
witty-interest mailing list
https://lists.sourceforge.net/lists/listinfo/witty-interest
Wim Dumon
2016-09-20 10:19:05 UTC
Permalink
I just put an article in the wiki on how we do this:

http://redmine.emweb.be/projects/wt/wiki/Using_HAProxy_as_a_reverse_proxy_terminating_https

If anything is missing, please let me know.

Wim.
Post by Nagaev Boris
Hi Aaron,
It is possible to run wt in this configuration. It works for me with nginx
in place on Apache.
16 сеМт. 2016 г. 20:23 пПльзПватель "Aarón Bueno Villares" <
Post by Aarón Bueno Villares
I'm having issues adding SSL support to my Wt site. My certificate works
fine under Apache though (tested on another PHP site with same domain). Is
it possible to make the Wt application non-SSL, and delegates the
certificates management to Apache?
Browser <--- (HTTPS) ---> Apache 2.4.7 (Reverse proxy)
^
| (HTTP)
------------------------------> Wt Application (3.3.4)
A sample configuration please? I've never configured a reverse proxy.
My Apache server uses a multidomain Let's Encrypt certificate with about
fifteen domains, so, we have just one certificate for all of my name-based
VirtualHosts. I want Apache is the HTTPS front-end for my local Wt
Application, running under port 11000, and the communication between Apache
and Wt being HTTP.
------------------------------------------------------------
------------------
_______________________________________________
witty-interest mailing list
https://lists.sourceforge.net/lists/listinfo/witty-interest
------------------------------------------------------------
------------------
_______________________________________________
witty-interest mailing list
https://lists.sourceforge.net/lists/listinfo/witty-interest
Continue reading on narkive:
Loading...