Apache 如何在代理后隐藏弱SSL?
因此,我有以下设置: 弱TLS 1.0应用程序DMZ反向代理客户端 Apache Vhost的配置如下: HTTP:Apache 如何在代理后隐藏弱SSL?,apache,security,ssl,proxy,reverse-proxy,Apache,Security,Ssl,Proxy,Reverse Proxy,因此,我有以下设置: 弱TLS 1.0应用程序DMZ反向代理客户端 Apache Vhost的配置如下: HTTP: ServerName.application.de 重定向/https://weak.application.de/ HTTPS: <VirtualHost x.x.x.x:443> ServerName weak.application.de:443 SSLEngine on SSLCipherSuite AES256+EECDH:AES256+E
ServerName.application.de
重定向/https://weak.application.de/
<VirtualHost x.x.x.x:443>
ServerName weak.application.de:443
SSLEngine on
SSLCipherSuite AES256+EECDH:AES256+EDH
SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLHonorCipherOrder On
SSLCompression off
SSLCertificateFile /actual/cert/of/the/application
SSLCertificateKeyFile /actual/key/of/the/application
SSLCertificateChainFile /actual/intermediate_chain/of/the/application
SSLProxyEngine On
RequestHeader set X-Forwarded-Proto "https"
RequestHeader set X-Forwarded-Port "443"
ProxyRequests Off
ProxyPass / https://weak.application.de/
ProxyPassReverse / https://weak.application.de/
</VirtualHost>
ServerName.application.de:443
斯伦金安
SSLCipherSuite AES256+EECDH:AES256+EDH
SSLProtocol All-SSLv2-SSLv3-TLSv1-TLSv1.1
SSLHonorCipherOrder开启
SSL压缩关闭
SSLCertificateFile/actual/cert/of/the/application
SSLCertificateKeyFile/actual/key/of/the/application
SSLCertificateChainFile/actual/intermediate\u chain/of/the/application
SSLProxyEngine打开
RequestHeader集合X-Forwarded-Proto“https”
RequestHeader设置X转发端口“443”
代理请求关闭
ProxyPass/https://weak.application.de/
ProxyPassReverse/https://weak.application.de/
干杯,Tomasz我刚刚发现这是某种缓存/会话问题。 配置是正确的,在重新加载httpd并使用私有冲浪之后,我能够通过代理与弱服务器连接,但看起来我们使用的是tls1.2 由于我使用代理IP作为主机名向服务器发送请求,因此我还必须添加以下行以防止服务器错误:
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off