2

Im using proxy pass to redirect http to https backend server (tomcat)

Error im getting is : Error during SSL Handshake with remote server

My Configuration :

<VirtualHost *:80>
    ServerName mypersonal.server.com
    ProxyRequests Off
    SSLProxyEngine On
    SSLProxyVerify none
    SSLProxyCheckPeerCN off
    SSLProxyCheckPeerName off
    SSLProxyCheckPeerExpire off
    ProxyPass /publisher https://localhost:9443/publisher
    ProxyPassReverse /publisher https://localhost:9443/publisher
</VirtualHost>

I'm trying to find a way to overcome the verification of SSL, but the following commands appears in grey in my config 

    SSLProxyCheckPeerCN off
    SSLProxyCheckPeerName off
    SSLProxyCheckPeerExpire off

Im using Server version: Apache/2.4.6 (CentOS)

Appreciate your assistance

Improve this question
1
  • The host preserving definition should also be consistent. see details here
    – alex
    Commented Feb 1, 2023 at 16:00

1 Answer 1

Reset to default
2

Late to the party here, but somebody might find this useful. Check your SSLProxyProtocol directive. If, for security purposes, you have disabled the protocol that your backend is using, then the handshake will fail.

For example, I was using SSLProxyProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 -TLSv1.2 but had to relax it to SSLProxyProtocol all -SSLv2 -SSLv3 -TLSv1 because my backend is still using TLS v1.1.

EDIT in 2023: I just saw this was upvoted recently. If you're still having problems, also check your values for SSLProxyCipherSuite (see apache docs and values recommended by Mozilla)

Improve this answer

Not the answer you're looking for? Browse other questions tagged or ask your own question.