Setup Reverse Proxy in Apache on RHEL 6

Problem Description : 

This method lets an application be served on port 443 instead of the higher-numbered ports used with Tomcat (e.g. 8443, 9443, etc.).

 

 

 Resolution : 

 

1. Install a certificate for Apache following instructions in Best Solution #289 (Apache Redhat SSL Certificate Request and Installation - For Comodo)

 

2. Make sure the Apache modules below are enabled within /etc/httpd/conf/httpd.conf. Both should be enabled by default on RHEL Apache.

LoadModule proxy_module modules/mod_proxy.so

LoadModule proxy_http_module modules/mod_proxy_http.so

3. Open /etc/httpd/conf.d/ssl.conf and locate the default virtual host section for port 443. Inside the <VirtualHost _default_:443> block, add the following:

SSLProxyEngine on

ProxyPass "/" "https://<< URL >>:<PORT>/"

ProxyPassReverse "/" "https://<< URL >>:<PORT>/"

4. By default, the SELinux policy on RHEL/CentOS prevents httpd processes from initiating outbound connections, which is exactly what mod_proxy needs to do. Run the command below from a terminal window to permanently update SELinux to allow httpd (Apache) to initiate a network connection.

/usr/sbin/setsebool -P httpd_can_network_connect 1

If you skip this step, you will see an error like the one below in Apache's error log:

[error] (13)Permission denied: proxy: AJP: attempt to connect to 10.x.x.x:7009 (virtualhost.virtualdomain.com) failed

5. Restart Apache

apachectl restart 
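
The checks from steps 2 to 4 can be scripted and run before the restart. The following is an added example, not part of the original article; the function names and the backend.example host are hypothetical, and the sample files built by demo are constructed.

```shell
#!/bin/sh
# Added example, not from the original article. File paths are arguments so
# the checks can be run against copies of the files named in steps 2-4.

# Step 2: both proxy modules need an uncommented LoadModule line.
proxy_modules_enabled() {
    for mod in proxy_module proxy_http_module; do
        grep -Eq "^[[:space:]]*LoadModule[[:space:]]+${mod}[[:space:]]" "$1" || return 1
    done
}

# Step 3: all three directives present, and no typographic quotes pasted in
# (Apache only treats ASCII quotes as quoting).
proxy_directives_ok() {
    grep -Eiq '^[[:space:]]*SSLProxyEngine[[:space:]]+on[[:space:]]*$' "$1" || return 1
    grep -Eq '^[[:space:]]*ProxyPass[[:space:]]' "$1" || return 1
    grep -Eq '^[[:space:]]*ProxyPassReverse[[:space:]]' "$1" || return 1
    ! grep -q -e '“' -e '”' "$1"
}

# Step 4: interpret the output of `getsebool httpd_can_network_connect`.
sebool_is_on() {
    [ "$1" = "httpd_can_network_connect --> on" ]
}

# Step 4: count error-log lines carrying the SELinux denial signature.
count_proxy_denials() {
    grep -c '(13)Permission denied: proxy:' "$1" || true
}

# Arguments: httpd.conf, ssl.conf, error log, getsebool output.
preflight() {
    proxy_modules_enabled "$1" || { echo "FAIL: proxy modules not loaded"; return 1; }
    proxy_directives_ok "$2" || { echo "FAIL: proxy directives in ssl.conf"; return 1; }
    sebool_is_on "$4" || { echo "FAIL: httpd_can_network_connect is off"; return 1; }
    echo "OK, proxy denial lines already logged: $(count_proxy_denials "$3")"
}

# Constructed sample files (backend.example is a placeholder) for a dry run.
demo() {
    d=$(mktemp -d)
    printf 'LoadModule proxy_module modules/mod_proxy.so\nLoadModule proxy_http_module modules/mod_proxy_http.so\n' > "$d/httpd.conf"
    printf 'SSLProxyEngine on\nProxyPass "/" "https://backend.example:8443/"\nProxyPassReverse "/" "https://backend.example:8443/"\n' > "$d/ssl.conf"
    printf '[error] (13)Permission denied: proxy: AJP: attempt to connect to 10.x.x.x:7009 (virtualhost.virtualdomain.com) failed\n' > "$d/error_log"
    preflight "$d/httpd.conf" "$d/ssl.conf" "$d/error_log" "httpd_can_network_connect --> on"
}
if [ "${1:-}" = demo ]; then demo; fi
```

On the server, call preflight with /etc/httpd/conf/httpd.conf, /etc/httpd/conf.d/ssl.conf, the virtual host's error log, and "$(getsebool httpd_can_network_connect)" as the four arguments.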

 

 

 

 

 Revision Date : 2/7/2017