I’m having trouble configuring Apache, Tomcat and SSL. This is the scenario:
I have an Apache Web Server, running and working normally (but , I can access this one just by typing:
https://example.com
Also, on this host, I have a Tomcat running and working fine on port 8080 (HTTP); I’ve created a mini web-app whose files are inside the “test” directory, which I can access by typing:
http://example.com:8080/test
(I know that Apache is running on port 80 and Tomcat on 8080)
What I want is that, through Apache, a user can access ‘test’ (running on Tomcat) using HTTPS, I mean:
https://example.com/test
But when I access this link, this appears:
When I access using HTTP, http://example/test works, but I need it to be HTTPS.
I also created a config file in /etc/httpd/conf.d/vhost.conf; this is the content:
<VirtualHost *:80>
    ServerName www.example.com
    DocumentRoot /var/www/html
    Redirect permanent / https://example.com/
</VirtualHost>
<VirtualHost *:443>
    ServerName www.example.com
    DocumentRoot /var/www/html
    SSLEngine on
    SSLCertificateFile /etc/letsencrypt/live/example.com/cert.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
    SSLCertificateChainFile /etc/letsencrypt/live/example.com/chain.pem
    SSLProxyEngine on
    ProxyPass /test http://xxx.xxx.xxx.xxx:8080/test
    ProxyPassReverse /test http://xxx.xxx.xxx.xxx:8080/test
</VirtualHost>
xxx.xxx.xxx.xxx is the IP of the website.
When I access the website https://example.com/ (with HTTPS) I got this issue (I use the web-app in the website):
I use a Let’s Encrypt certificate (in the photo above).
I’m working with Apache/2.4.33 (Amazon) and Tomcat 8.5.29.
Does anyone know why, or how to solve this? Thanks in advance, guys.
Log files:
access_log
yyy.yyy.yyy.yyy - - [01/Jul/2018:06:42:29 +0000] "GET /test HTTP/1.1" 301 245 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36"
::1 - - [01/Jul/2018:06:42:51 +0000] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.33 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.30 (internal dummy connection)"
error_log – empty
ssl_access_log
yyy.yyy.yyy.yyy - - [01/Jul/2018:06:42:29 +0000] "GET /test HTTP/1.1" 404 206
yyy.yyy.yyy.yyy - - [01/Jul/2018:06:42:29 +0000] "GET /test HTTP/1.1" 404 206
yyy.yyy.yyy.yyy - - [01/Jul/2018:06:42:49 +0000] "-" 408 -
yyy.yyy.yyy.yyy - - [01/Jul/2018:06:42:49 +0000] "-" 408 -
yyy.yyy.yyy.yyy - - [01/Jul/2018:06:42:49 +0000] "-" 408 -
yyy.yyy.yyy.yyy - - [01/Jul/2018:06:42:49 +0000] "-" 408 -
ssl_request_log
[01/Jul/2018:06:42:29 +0000] yyy.yyy.yyy.yyy TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 "GET /test HTTP/1.1" 206
[01/Jul/2018:06:42:29 +0000] yyy.yyy.yyy.yyy TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 "GET /test HTTP/1.1" 206
[01/Jul/2018:06:42:49 +0000] yyy.yyy.yyy.yyy TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 "-" -
[01/Jul/2018:06:42:49 +0000] yyy.yyy.yyy.yyy TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 "-" -
[01/Jul/2018:06:42:49 +0000] yyy.yyy.yyy.yyy TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 "-" -
[01/Jul/2018:06:42:49 +0000] yyy.yyy.yyy.yyy TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 "-" -
ssl_error_log – empty
yyy.yyy.yyy.yyy = IP of my machine
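An added example, not part of the original post: a Python triage of the log excerpts above, summarising what the port-80 and port-443 listeners each did with /test. The helper names and verdict strings are assumptions made for this illustration, and the sample lines are abridged from the question's logs.

```python
import re

# Sample lines abridged from the question's log excerpts (constructed input).
PLAIN_LOG = [  # access_log: the port-80 listener
    'yyy.yyy.yyy.yyy - - [01/Jul/2018:06:42:29 +0000] "GET /test HTTP/1.1" 301 245 "-" "Mozilla/5.0"',
    '::1 - - [01/Jul/2018:06:42:51 +0000] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.33 (internal dummy connection)"',
]
TLS_LOG = [  # ssl_access_log: the port-443 listener
    'yyy.yyy.yyy.yyy - - [01/Jul/2018:06:42:29 +0000] "GET /test HTTP/1.1" 404 206',
    'yyy.yyy.yyy.yyy - - [01/Jul/2018:06:42:49 +0000] "-" 408 -',
]

LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "([^"]*)" (\d{3}) ')

def parse(line):
    """Return (client, path or None, status) for a common/combined log line."""
    m = LINE.match(line)
    if not m:
        return None
    client, request, status = m.groups()
    parts = request.split()
    # A request field of "-" means the connection closed before a request line arrived.
    return client, (parts[1] if len(parts) >= 2 else None), int(status)

def statuses(lines, path):
    """Status codes of requests for `path` or anything beneath it."""
    hits = [p for p in map(parse, lines) if p and p[1]]
    return [s for _, req, s in hits if req == path or req.startswith(path + "/")]

def triage(plain, tls, path):
    """Hypothetical helper: summarise how each listener handled `path`."""
    tls_codes = statuses(tls, path)
    if not tls_codes:
        verdict = "no-request-seen"
    elif any(s in (502, 503, 504) for s in tls_codes):
        verdict = "proxied-but-backend-failed"  # mod_proxy gateway errors
    elif 404 in tls_codes:
        # Not a gateway error: either no ProxyPass applied in the vhost that
        # served the request, or Tomcat itself returned 404. Tomcat's own
        # access log tells the two apart.
        verdict = "not-proxied-or-backend-404"
    else:
        verdict = "served"
    return {
        "http_redirect": any(s in (301, 302, 307, 308) for s in statuses(plain, path)),
        "tls_verdict": verdict,
        "idle_timeouts": sum(1 for p in map(parse, tls) if p and p[1] is None and p[2] == 408),
    }

if __name__ == "__main__":
    print(triage(PLAIN_LOG, TLS_LOG, "/test"))
```

The 408 entries with an empty request are connections that were opened but sent nothing before the timeout, so they can be set aside when reading the 404.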
2 Answers
The result file /etc/httpd/conf.d/vhost.conf:
There are 4 problems with the code.
First: Problem with the port. HTTPS works on port 443 and HTTP on port 80.
Second: Not having SSLProxyEngine on, so that proxy pass and proxy reverse pass work for HTTPS connections.
Third: Remove the redirection rule of HTTPS from this virtual host to a new one. You need to create a new virtual host for port 80 in which there should be a redirect rule by which all HTTP connections redirect to HTTPS permanently.
Fourth: Also add the below to all virtual hosts