1

I have a web server (Apache reverse proxy) in front of my app server (Apache) and I'm trying to pass common name for SSL.

My web server (Apache reverse proxy) is set up to preserve the hostname (ProxyPreserveHost On).

On my app server (Apache), how do I configure my virtual host to pick up on the hostname passed by the proxy server?

I'm getting errors like this:

    [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
    [warn] RSA server certificate CommonName (CN) `appserver01' does NOT match server name!?

Do I need anything additional turned on on my app server (Apache configuration)? Here is what my vhost looks like:

    NameVirtualHost *:80
    Header always append X-Frame-Options SAMEORIGIN

    <VirtualHost *:80>
        DocumentRoot /var/www/app
        ServerName www.app.com
        ServerAlias app.com
        ServerAlias appserver01.domain.com
        <Directory /var/www/app>
            Options All
            AllowOverride All
        </Directory>
    </VirtualHost>

    <VirtualHost IP_OF_WEB_SERVER_HERE:443>
        DocumentRoot /var/www/app
        ServerName www.app.com
        ServerAlias app.com
        ServerAlias appserver01.domain.com
        <Directory /var/www/app>
            AllowOverride All
        </Directory>
        SSLProxyEngine On
        SSLEngine On
        SSLCertificateFile /etc/ssl/certs/www_app_com_cert.cer
        SSLCertificateKeyFile /etc/ssl/certs/www_app_com.key
        SSLCACertificateFile /etc/ssl/certs/ca-bundle.crt
    </VirtualHost>

Basically I want to allow the hostname to pass through the proxy server so my SSL cert will work. I have ProxyPreserveHost turned on but it doesn't appear to work as the Apache webserver still sees the hostname as the internal hostname "appserver01" instead of "www.app.com".

Thanks

2
  • If you have control over the channel between the proxy and your server, in your place I would transform the https to http. Commented Jan 13, 2015 at 12:11
  • The warnings in your log files are quite ignorable and normal even on well-configured servers. It is just making the (very commonly false) assumption that just because the canonical hostname of the host might be "appserver1", then your clients would be accessing it as appserver1... Commented Apr 18, 2015 at 9:52

1 Answer

-1

Try enabling the SSL Proxy Engine:

SSLProxyEngine On 
1
  • I tried that and I see the same error in my ssl_error log file. Commented Aug 4, 2014 at 12:53
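
The two warnings quoted in the question describe properties of the server certificate itself: BasicConstraints marks it as a CA, and its CN is `appserver01` rather than the server name. As an added example (not part of the original thread), this script runs the same two checks with `openssl` against a certificate file; the function names, the throwaway sample certificate and the exact-match comparison (no wildcard or subjectAltName handling) are assumptions of the example.

```bash
# Print the first commonName in the certificate's subject.
cert_cn() {
    openssl x509 -in "$1" -noout -subject -nameopt multiline |
        sed -n 's/^ *commonName *= *//p' | head -n 1
}

# Succeed if BasicConstraints marks the certificate as a CA.
cert_is_ca() {
    openssl x509 -in "$1" -noout -text | grep -q 'CA:TRUE'
}

# Compare a certificate with the ServerName it is meant to serve.
# Exact string match on the CN only; returns the number of problems found.
check_cert() {
    local cert="$1" server_name="$2" problems=0 cn
    cn=$(cert_cn "$cert")
    if cert_is_ca "$cert"; then
        echo "$cert: CA certificate (BasicConstraints: CA == TRUE)"
        problems=$((problems + 1))
    fi
    if [ "$cn" != "$server_name" ]; then
        echo "$cert: CN '$cn' does not match server name '$server_name'"
        problems=$((problems + 1))
    fi
    return "$problems"
}

# Constructed sample: a throwaway self-signed certificate carrying the CN from
# the log line and CA:TRUE, written into the directory given as $1.
make_sample_cert() {
    cat > "$1/req.cnf" <<'EOF'
[req]
distinguished_name = dn
x509_extensions = ext
prompt = no
[dn]
CN = appserver01
[ext]
basicConstraints = CA:TRUE
EOF
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -config "$1/req.cnf" \
        -keyout "$1/key.pem" -out "$1/cert.pem" 2>/dev/null
}

tmp=$(mktemp -d)
make_sample_cert "$tmp"
check_cert "$tmp/cert.pem" www.app.com || true   # both problems reported
check_cert "$tmp/cert.pem" appserver01 || true   # only the CA flag reported
rm -rf "$tmp"
```

Pointing `check_cert` at each certificate file referenced by an `SSLCertificateFile` directive shows which one carries the CN named in the warning.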
