Hello,
I’m trying to create a reverse proxy with apache httpd conf base on our instance with token Authorization: xxx.
This is my httpd.conf:
SSLEngine on
SSLHonorCipherOrder on
SSLCipherSuite PROFILE=SYSTEM
SSLProxyCipherSuite PROFILE=SYSTEM
SSLCertificateFile /etc/pki/tls/certs/localhost.crt
SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
SSLProxyEngine On
ProxyRequests Off
SSLProtocol -all +TLSv1.2 +TLSv1.3
SSLProxyVerify none
<Location /grafana>
SSLVerifyClient none
ProxyPreserveHost On
ProxyPass https://xxxxx.grafana.net:443/ KeepAlive=On
ProxyPassReverse https://xxxx.grafana.net:443/
RequestHeader set Host %{HTTP_HOST}e
RequestHeader set X-Real-IP %{REMOTE_ADDR}e
RequestHeader set X-Forwarded-For %{REMOTE_ADDR}e
RequestHeader set X-Forwarded-Proto “https”
RequestHeader set Authorization “Bearer glsa_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx”
# WebSocket
RewriteEngine On
RewriteCond %{HTTP:Upgrade} =websocket \[NC\]
RewriteRule /(.\*) wss://almproduction.grafana.net/$1 \[P,L\]
RewriteCond %{HTTP:Upgrade} !=websocket \[NC\]
RewriteRule /(.\*) https://xxxxxxx.grafana.net/$1 \[P,L\]
</Location>
<FilesMatch "\\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/var/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch “MSIE \[2-5\]”
nokeepalive ssl-unclean-shutdown
downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log
“%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x “%r” %b”
</VirtualHost>
In debug mode, i have this error:
[remote 52.57.54.116:443] AH02003: SSL Proxy connect failed
Where is the problem ?
Thanks