mod rewrite - redirect an internal IP from HTTP to HTTPS with Apache -

-

hey all- have looked on here , google none of suggestions seem working me. i'm working on internal site @ point endpoints ips vs urls. accessing site via https works, http says "cannot establish connection". can't seem find in logs explains why. have warnings cert since self signed don't think causing it. have tried rewrite , redirect both separately no luck. have them both commented out below, have tried 1 or other on.

#<virtualhost *:80> #    rewriteengine on #    rewritecond %{https} off #    rewriterule (.*) https://%{http_host}%{request_uri} #</virtualhost> <virtualhost *:443>     servername 192.168.xxx.xxx     proxyrequests off     proxypreservehost on     sslengine on     sslcertificatefile /etc/httpd/ssl/server.crt     sslcertificatekeyfile /etc/httpd/ssl/server.key     proxypass / http://localhost:8080/     proxypassreverse / http://localhost:8080/     <proxy *>         order deny,allow         allow     </proxy> </virtualhost> #redirect permanent http://192.168.xxx.xxx https://192.168.xxx.xxx

this error_log of request. rewrite_log remains empty.

[wed sep 29 17:22:17 2010] [notice] selinux policy enabled; httpd running context unconfined_u:system_r:httpd_t:s0 [wed sep 29 17:22:17 2010] [notice] suexec mechanism enabled (wrapper: /usr/sbin/suexec) [wed sep 29 17:22:17 2010] [info] init: seeding prng 256 bytes of entropy [wed sep 29 17:22:17 2010] [notice] ssl fips mode disabled [wed sep 29 17:22:17 2010] [info] loading certificate & private key of ssl-aware server [wed sep 29 17:22:17 2010] [debug] ssl_engine_pphrase.c(470): unencrypted rsa private key - pass phrase not required [wed sep 29 17:22:17 2010] [info] init: generating temporary rsa private keys (512/1024 bits) [wed sep 29 17:22:17 2010] [info] init: generating temporary dh parameters (512/1024 bits) [wed sep 29 17:22:17 2010] [info] init: initializing (virtual) servers ssl [wed sep 29 17:22:17 2010] [info] configuring server ssl protocol [wed sep 29 17:22:17 2010] [debug] ssl_engine_init.c(465): creating new ssl context (protocols: sslv2, sslv3, tlsv1) [wed sep 29 17:22:17 2010] [debug] ssl_engine_init.c(420): configuring tls extension handling [wed sep 29 17:22:17 2010] [debug] ssl_engine_init.c(792): configuring rsa server certificate [wed sep 29 17:22:17 2010] [warn] rsa server certificate ca certificate (basicconstraints: ca == true !?) [wed sep 29 17:22:17 2010] [warn] rsa server certificate commonname (cn) `localhost' not match server name!? [wed sep 29 17:22:17 2010] [debug] ssl_engine_init.c(831): configuring rsa server private key [wed sep 29 17:22:17 2010] [info] mod_ssl/2.2.16 compiled against server: apache/2.2.16, library: openssl/1.0.0a-fips [wed sep 29 17:22:17 2010] [notice] digest: generating secret digest authentication ... [wed sep 29 17:22:17 2010] [notice] digest: done [wed sep 29 17:22:17 2010] [debug] util_ldap.c(1990): ldap merging shared cache conf: shm=0x1df29a8 rmm=0x1df29d8 vhost: 192.168.xxx.xxx [wed sep 29 17:22:17 2010] [debug] util_ldap.c(1990): ldap merging shared cache conf: shm=0x1df29a8 rmm=0x1df29d8 vhost: jira.test.com [wed sep 29 17:22:17 2010] [debug] util_ldap.c(1990): ldap merging shared cache conf: shm=0x1df29a8 rmm=0x1df29d8 vhost: jira.test.com [wed sep 29 17:22:17 2010] [info] apr ldap: built openldap ldap sdk [wed sep 29 17:22:17 2010] [info] ldap: ssl support available [wed sep 29 17:22:17 2010] [info] init: seeding prng 256 bytes of entropy [wed sep 29 17:22:17 2010] [notice] ssl fips mode disabled [wed sep 29 17:22:17 2010] [info] loading certificate & private key of ssl-aware server [wed sep 29 17:22:17 2010] [debug] ssl_engine_pphrase.c(470): unencrypted rsa private key - pass phrase not required [wed sep 29 17:22:17 2010] [info] init: generating temporary rsa private keys (512/1024 bits) [wed sep 29 17:22:17 2010] [info] init: generating temporary dh parameters (512/1024 bits) [wed sep 29 17:22:17 2010] [debug] ssl_scache_shmcb.c(253): shmcb_init allocated 512000 bytes of shared memory [wed sep 29 17:22:17 2010] [debug] ssl_scache_shmcb.c(272): 511952 bytes (512000 including header), recommending 32 subcaches, 133 indexes each [wed sep 29 17:22:17 2010] [debug] ssl_scache_shmcb.c(306): shmcb_init_memory choices follow [wed sep 29 17:22:17 2010] [debug] ssl_scache_shmcb.c(308): subcache_num = 32 [wed sep 29 17:22:17 2010] [debug] ssl_scache_shmcb.c(310): subcache_size = 15996 [wed sep 29 17:22:17 2010] [debug] ssl_scache_shmcb.c(312): subcache_data_offset = 2144 [wed sep 29 17:22:17 2010] [debug] ssl_scache_shmcb.c(314): subcache_data_size = 13852 [wed sep 29 17:22:17 2010] [debug] ssl_scache_shmcb.c(316): index_num = 133 [wed sep 29 17:22:17 2010] [info] shared memory session cache initialised [wed sep 29 17:22:17 2010] [info] init: initializing (virtual) servers ssl [wed sep 29 17:22:17 2010] [info] configuring server ssl protocol [wed sep 29 17:22:17 2010] [debug] ssl_engine_init.c(465): creating new ssl context (protocols: sslv2, sslv3, tlsv1) [wed sep 29 17:22:17 2010] [debug] ssl_engine_init.c(420): configuring tls extension handling [wed sep 29 17:22:17 2010] [debug] ssl_engine_init.c(792): configuring rsa server certificate [wed sep 29 17:22:17 2010] [warn] rsa server certificate ca certificate (basicconstraints: ca == true !?) [wed sep 29 17:22:17 2010] [warn] rsa server certificate commonname (cn) `localhost' not match server name!? [wed sep 29 17:22:17 2010] [debug] ssl_engine_init.c(831): configuring rsa server private key [wed sep 29 17:22:17 2010] [info] mod_ssl/2.2.16 compiled against server: apache/2.2.16, library: openssl/1.0.0a-fips [wed sep 29 17:22:17 2010] [error] avahi_entry_group_add_service_strlst("192.168.xxx.xxx") failed: invalid host name [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1818): proxy: grabbed scoreboard slot 1 in child 6661 worker proxy:reverse [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1818): proxy: grabbed scoreboard slot 1 in child 6660 worker proxy:reverse [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1837): proxy: worker proxy:reverse initialized [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1934): proxy: initialized single connection worker 1 in child 6660 (*) [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1818): proxy: grabbed scoreboard slot 0 in child 6660 worker http://localhost:8080/ [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1934): proxy: initialized single connection worker 0 in child 6660 (localhost) [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1818): proxy: grabbed scoreboard slot 1 in child 6662 worker proxy:reverse [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1837): proxy: worker proxy:reverse initialized [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1934): proxy: initialized single connection worker 1 in child 6661 (*) [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1818): proxy: grabbed scoreboard slot 1 in child 6663 worker proxy:reverse [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1818): proxy: grabbed scoreboard slot 0 in child 6661 worker http://localhost:8080/ [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1837): proxy: worker proxy:reverse initialized [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1837): proxy: worker http://localhost:8080/ initialized [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1934): proxy: initialized single connection worker 1 in child 6663 (*) [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1818): proxy: grabbed scoreboard slot 0 in child 6663 worker http://localhost:8080/ [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1934): proxy: initialized single connection worker 0 in child 6661 (localhost) [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1837): proxy: worker http://localhost:8080/ initialized [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1934): proxy: initialized single connection worker 0 in child 6663 (localhost) [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1934): proxy: initialized single connection worker 1 in child 6662 (*) [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1818): proxy: grabbed scoreboard slot 0 in child 6662 worker http://localhost:8080/ [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1837): proxy: worker http://localhost:8080/ initialized [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1934): proxy: initialized single connection worker 0 in child 6662 (localhost) [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1818): proxy: grabbed scoreboard slot 1 in child 6664 worker proxy:reverse [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1837): proxy: worker proxy:reverse initialized [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1934): proxy: initialized single connection worker 1 in child 6664 (*) [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1818): proxy: grabbed scoreboard slot 0 in child 6664 worker http://localhost:8080/ [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1837): proxy: worker http://localhost:8080/ initialized [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1934): proxy: initialized single connection worker 0 in child 6664 (localhost) [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1818): proxy: grabbed scoreboard slot 1 in child 6665 worker proxy:reverse [wed sep 29 17:22:17 2010] [notice] apache/2.2.16 (unix) dav/2 mod_ssl/2.2.16 openssl/1.0.0a-fips configured -- resuming normal operations [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1837): proxy: worker proxy:reverse initialized [wed sep 29 17:22:17 2010] [info] server built: jul 27 2010 15:58:08 [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1934): proxy: initialized single connection worker 1 in child 6665 (*) [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1818): proxy: grabbed scoreboard slot 0 in child 6665 worker http://localhost:8080/ [wed sep 29 17:22:17 2010] [debug] prefork.c(1013): acceptmutex: sysvsem (default: sysvsem) [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1837): proxy: worker http://localhost:8080/ initialized [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1934): proxy: initialized single connection worker 0 in child 6665 (localhost) [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1818): proxy: grabbed scoreboard slot 1 in child 6666 worker proxy:reverse [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1837): proxy: worker proxy:reverse initialized [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1934): proxy: initialized single connection worker 1 in child 6666 (*) [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1818): proxy: grabbed scoreboard slot 0 in child 6666 worker http://localhost:8080/ [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1818): proxy: grabbed scoreboard slot 1 in child 6667 worker proxy:reverse [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1837): proxy: worker http://localhost:8080/ initialized [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1837): proxy: worker proxy:reverse initialized [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1934): proxy: initialized single connection worker 1 in child 6667 (*) [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1934): proxy: initialized single connection worker 0 in child 6666 (localhost) [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1818): proxy: grabbed scoreboard slot 0 in child 6667 worker http://localhost:8080/ [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1837): proxy: worker http://localhost:8080/ initialized [wed sep 29 17:22:17 2010] [debug] proxy_util.c(1934): proxy: initialized single connection worker 0 in child 6667 (localhost)

if first section of file commented out, apache doesn't have config telling listen on port 80 (http).

you need both sites running both give response (even if http response "go https")


Comments

Post a Comment

Popular posts from this blog

c++ - Convert big endian to little endian when reading from a binary file -

-
this question has answer here: how convert between big-endian , little-endian values in c++? 28 answers i've been looking around how convert big-endian little-endians. didn't find solve problem. seem there's many way can conversion. anyway following code works ok in big-endian system. how should write conversion function work on little-endian system well? this homework, since systems @ school running big-endian system. it's got curious , wanted make work on home computer also #include <iostream> #include <fstream> using namespace std; int main() { ifstream file; file.open("file.bin", ios::in | ios::binary); if(!file) cerr << "not able read" << endl; else { cout << "opened" << endl; int i_var; double d_var; while(!file.eof()) {...
Read more

C#: Application without a window or taskbar item (background app) that can still use Console.WriteLine() -

-
i'm trying create application adheres following: no taskbar no console or form window can utilize console.writeline() . (i.e. if executes app command prompt write console.) the problem if create windows form (or wpf) application can have there no taskbar, console or window show up, console.writeline() nothing. if create console app, writes console, can't figure out how hide (and if did hide it, write command prompt window?)... how do this? just create standard console application. callers responsibility hide window caused program (from how run c# console application console hidden ): system.diagnostics.processstartinfo start = new system.diagnostics.processstartinfo(); start.filename = dir + @"\myprocesstostart.exe"; start.windowstyle = system.diagnostics.processwindowstyle.hidden;
Read more

unicode - Are email addresses allowed to contain non-alphanumeric characters? -

-
i'm building website using `django. website have significant users non-english speaking countries. i want know if there technical restrictions on types of characters email address contain. are email addresses allowed contain english alphabets, numbers, "_", "@" , "."? are allowed contain non-english alphabets "é" or "ü"? are allowed contain chinese or japanese or other unicode characters? email address consists of 2 parts local before @ , domain goes after. rules these parts different: for local part can use ascii: latin letters - z - z digits 0 - 9 special characters !#$%&'*+-/=?^_`{|}~ dot ., not first or last, , not in sequence space , "(),:;<>@[] characters allowed restrictions (they allowed inside quoted string, backslash or double-quote must preceded backslash) plus since 2012 can use international characters above u+007f , encoded as utf-8 . domain part more res...
Read more