I’m working on a Spring Boot application and I need to use a reverse proxy to redirect 8080 to 443 so I can access it like https://example.com, but I don’t seem to get the correct configuration and I keep getting a 500 error.
After a lot of searching I’m not able to find the root of the error. While reading I came up with the following configuration in /etc/apache2/sites-available/000-default.conf (letsencrypt edited the last few lines of each virtual host):
<VirtualHost *:80>
ServerName example.com
ServerAlias www.example.com
Redirect permanent / https://example.com/
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
ProxyRequests Off
RewriteEngine on
RewriteCond %{SERVER_NAME} =www.mysite.com [OR]
RewriteCond %{SERVER_NAME} =mysite.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<VirtualHost *:443>
ServerName example.com
ServerAlias www.example.com
SSLEngine on
SSLProxyEngine on
ProxyRequests off
ProxyPreserveHost on
ProxyPass / http://example.com:8080/
ProxyPassReverse / http://example.com:8080/
SSLProtocol All -SSLv2 -SSLv3
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/example.com-0001/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com-0001/privkey.pem
</VirtualHost>
What am I missing?
BTW: accessing http://example.com:8080 works fine
Edit: I already have ssl and proxy modules loaded
Edit 2: if I run a2ensite default-ssl, then I get the Apache page with https. I tried migrating my config to that file, but it still fails, though only when adding this line: ProxyPass / http://example.com:8080/ (other configuration still loads the Apache website).
2 Answers
I was actually missing one of these three mods: proxy, proxy_http, or ssl. After this, everything worked.

I cross compared with my working ssl conf, so result should be like below
In short, "ProxyRequests off" is not required, and instead of example.com:8080 I suggest putting 127.0.0.1 or the server's real IP. The ssl configuration is actually coming from "/etc/letsencrypt/options-ssl-apache.conf", so there is no need to have it in the virtualhost definition.
If you order the ssl with all subdomains, use "ServerAlias *.example.com"; otherwise revert back to "ServerAlias http://www.example.com".
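
The first answer traces the 500 to a module that was not enabled (proxy, proxy_http or ssl). As an added example (not code from either answer), the sketch below compares the directives in a virtual host with `apache2ctl -M` output and reports which modules still need `a2enmod`. The function names, the prefix-to-module mapping and the sample module list are assumptions made for this illustration.

```python
import re

# Directive-name prefix -> module (as `apache2ctl -M` prints it) that must be loaded.
# Simplification for this example: prefix match instead of a per-directive table.
PREFIX_MODULE = {"proxy": "proxy_module", "ssl": "ssl_module",
                 "rewrite": "rewrite_module"}
# mod_proxy only dispatches; each backend URL scheme needs its own handler module.
SCHEME_MODULE = {"http": "proxy_http_module", "https": "proxy_http_module"}

def loaded_modules(apachectl_output):
    """Parse `apache2ctl -M` output into a set of module identifiers."""
    return set(re.findall(r"^\s*(\w+_module)\s+\(", apachectl_output, re.M))

def missing_mods(conf_text, apachectl_output):
    """Return a2enmod names the config needs but that are not loaded."""
    needed = set()
    for raw in conf_text.splitlines():
        parts = raw.split()
        if not parts or parts[0].startswith(("#", "<")):
            continue  # blank lines, comments, section tags such as <VirtualHost>
        directive = parts[0].lower()
        for prefix, module in PREFIX_MODULE.items():
            if directive.startswith(prefix):
                needed.add(module)
        # "ProxyPass <path> <url>": the backend URL scheme selects the handler.
        if directive == "proxypass" and len(parts) >= 3:
            scheme = parts[2].split("://", 1)[0].lower()
            if scheme in SCHEME_MODULE:
                needed.add(SCHEME_MODULE[scheme])
    missing = needed - loaded_modules(apachectl_output)
    return sorted(name[:-len("_module")] for name in missing)

# Directives taken from the question's :443 virtual host.
VHOST_443 = """\
<VirtualHost *:443>
SSLEngine on
SSLProxyEngine on
ProxyPass / http://example.com:8080/
ProxyPassReverse / http://example.com:8080/
</VirtualHost>
"""
# Constructed `apache2ctl -M` output: proxy and ssl loaded, proxy_http not.
MODULES = """\
Loaded Modules:
 proxy_module (shared)
 ssl_module (shared)
"""

if __name__ == "__main__":
    print("a2enmod", *missing_mods(VHOST_443, MODULES))
```

With proxy and ssl loaded but proxy_http absent, only the `ProxyPass` line to an `http://` backend is unserved, which matches the question's observation that the site breaks only when that line is added.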