HTTPS reverse proxy using apache

Question

I am using this apache configuration to set up a reverse proxy to a process running on the same machine, on port 8443,

<Directory "/var/www/html"> Options +FollowSymLinks RewriteEngine On RewriteCond %{HTTPS} off RewriteRule ^(.*) https://%{HTTP_HOST}/$1 </Directory> <IfModule mod_proxy.c> ProxyRequests Off <Proxy *> Order deny,allow Allow from all </Proxy> SSLProxyEngine On ProxyPass / https://127.0.0.1:8443/ ProxyPassReverse / https://127.0.0.1:8443/ </IfModule> 

The process running on 8443 already has HTTPS / SSL certificate set up. Is this a valid / good configuration or can I do it better?

I noticed that currently even http:// will proxy to https:// without the rewrite kicking in. I think this might compromise SSL? I'd rather have only 443 proxy to 8443 and just use a URL rewrite to rewrite the http:// requests to https:// requests. Is that possible using apache?

Thanks.

EDIT - Here is the virtual host information as requested,

VirtualHost Configuration: wildcard NameVirtualHosts and _default_ servers: _default_:443 127.0.0.1 (/etc/httpd/conf.d/ssl.conf:74) Syntax OK 

Answer 1

To get the HTTP requests to redirect instead of proxying, you should do two things:

1. Move your proxying config (SSLProxyEngine through ProxyPassReverse into the SSL virtual host in /etc/httpd/conf.d/ssl.conf, so that it'll only apply there

2. Create an HTTP virtual host which will redirect - probably in a new .conf file in /etc/httpd/conf.d:

   <VirtualHost *:80> ServerName redirect RewriteEngine On RewriteRule ^(.*) https://%{HTTP_HOST}/$1 </VirtualHost>