Thursday, May 26, 2022

[SOLVED] Use Apache To Run SSL On Port 8980 Specifically

Issue

I have a web service which I access by typing the following URL exactly as is (character for character):

http://10.115.252.127:8980/opennms/login.jsp

The website files are served from /opt/opennms/jetty-webapps/opennms/

My objective is to use Apache (httpd.conf) to force any traffic to this URL to use SSL and no longer HTTP.

  1. I have successfully installed the SSL certificates with no issues.
  2. I have configured a VirtualHost directive to redirect port 80 to 443
  3. Only sites under /var/www/html/* are being successfully redirected.

Example: http://10.115.252.127/numbers successfully redirects to https://10.115.252.127/numbers http://10.115.252.127/charts successfully redirects to https://10.115.252.127/charts

But, when I type in the URL http://10.115.252.127:8980/opennms/login.jsp it is always served as HTTP...how do I make it served as HTTPS like the others? I have checked the forums and all the posts assume you will always be redirecting port 80 and dont say anything about how to use SSL in the scenario I explained. I have the same issue with another service running on port 3000 http://10.115.252.127:3000/login

===extract from my httpd.conf===

<VirtualHost *:80>
ServerName 10.115.252.127
Redirect permanent / https://10.115.252.127/
</VirtualHost>


<VirtualHost *:443>
        SSLEngine on
        SSLCertificateFile /etc/httpd/conf/ssl.crt/cert_mtocb2500lbscorp.crt
        SSLCertificateKeyFile /etc/httpd/conf/ssl.key/mtocb2500-lbscorp.key
        ServerName 10.115.252.127
        #Documentroot /var/www/html
</VirtualHost>

Solution

Based on your confirmation of my understanding, here is what you can do:

############################################################################
Listen 80

# All connections on port 80 are redirected to port 443
<VirtualHost *:80>
    ServerName www.example.com
    CustomLog "logs/80_access.log" combined
    ErrorLog "logs/80_error.log"

    Redirect permanent / https://www.example.com
    
    # No documentRoot, no content
</VirtualHost>

############################################################################
Listen 443

# All URI are answered from the documentRoot directory
# EXCEPT /openms, which is proxied to :8980
<VirtualHost *:443>
    ServerName www.example.com

    # temporary, remove when tests done
    LogLevel debug
    CustomLog "logs/443_access.log" combined
    Errorlog "logs/443_error.log"

    SSLEngine on
    SSLCertificateFile /etc/httpd/conf/ssl.crt/cert_mtocb2500lbscorp.crt
    SSLCertificateKeyFile /etc/httpd/conf/ssl.key/mtocb2500-lbscorp.key

    # For your redirection to 8980
    ProxyPass           /opennms    "https://www.example.com:8980/"
    ProxyPassReverse    /opennms    "https://www.example.com:8980/"

    documentRoot "/yourdir/apache/htdocs"
    DirectoryIndex index.html
</VirtualHost>

Prerequisites

  • you must load proxy modules
  • you must load rewrite module
  • port 8980 is linked to some other software. Apache does not handle 8980.


Answered By - Nic3500
Answer Checked By - Senaida (WPSolving Volunteer)
at