Aug 25, 2011
tom

How do I force Apache to use HTTPS in conjunction with AJP?

Question

We have an Apache web site, with certain portions powered by JBoss. The question is, how can we get Apache to force all HTTP requests to be re-directed to the HTTPS equivalent?

On our old server (CentOS 4, Apache 2.0, mod_jk), we have the following configuration:

<VirtualHost 1.2.3.4:80>
Redirect / https://www.foo.com/
</VirtualHost>

This works great — any requests to a PHP, vanilla HTML, or JBoss-powered web page get re-directed. However, on our new server (CentOS 5, Apache 2.2, mod_proxy_ajp), the same configuration only works for vanilla pages — not for anything being sent to JBoss using AJP.

I also tried the following, which I found at http://www.webmasterworld.com/apache/3050511.htm:

<Proxy *>
    RewriteEngine on
    RewriteCond %{SERVER_PORT} !^443$
    RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]
</Proxy>

But still no luck. I feel like I’m missing something obvious. Any help?

P.S. I am not in any way an Apache expert. I apologize if this turns out to be a beginner question :-P.

Answer

If I understand you correctly, you want to upgrade all http requests to https. If this is correct try this

<VirtualHost ip:80>
   ServerName www.company.com   RedirectMatch permanent ^(.*)$ https://www.company.com$1
</VirtualHost><VirtualHost ip:443>
   ServerName www.company.com   Include vhosts.d/includes/ssl.conf   # assumes you want to proxy everything on this vhost to jboss:8009
   <Location / >
       ProxyPass ajp://jboss:8009/
   </Location>
</Location>

Related posts:

  1. Apache ProxyPassReverse and https
  2. How does Apache mod_proxy_ajp work when Jboss runs as a cluster with AJP on 2 different ports?
  3. How to force SSL (https) on Apache Location
  4. force https with apache before .htpasswd
  5. SSL/HTTPS proxy for apache virtual host

Leave a comment