I have the following situation:
On the same machine, I have 3 webservers:
One Keycloak auth server running on port 9443 (https://myserver.com:9443).
Nginx serving a js page on port 3443 (https://myserver.com:3443). If you access the nginx page it redirects you to keycloak for authentication.
One tomcat serving a war file "MyApp" on port 8443 (https://myserver.com:8443/MyApp)
All of the above use SSL
What I need to do is setup reverse proxy using apache for these three services on port 443 (SSL)
Originally I had in mind something like:
Keycloak could be accessible through: https://myserver.com/accounts for example
Nginx through: https://myserver.com/frontpage
and the tomcat war application https://myserver.com/MyApp.
But it seems this cannot be done.
Using something like this does not work:
Code: Select all
ProxyPass /frontpage https://myserver.com:3443/
ProxyPassReverse /frontpage https://myserver.com:3443/
ProxyPass /accounts https://myserver.com:9443/
ProxyPassReverse /accounts https://myserver.com:9443/
This is for front page (Nginx)
Code: Select all
<VirtualHost *:443>
ServerName myserver.com
ServerAlias www.myserver.com
# Logging
LogLevel warn
ErrorLog logs/front-page-error_log
CustomLog logs/frontpage-access_log combined
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off
SSLEngine on
SSLProxyEngine on
SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLHonorCipherOrder On
SSLCertificateFile /some/path/cert.crt
SSLCertificateKeyFile /some/path/cert.key
RequestHeader set X-Forwarded-Proto "https"
RequestHeader set X-Forwarded-Port "443"
ProxyRequests Off
ProxyPreserveHost on
DocumentRoot /some/path/nginx/frontpage
ProxyPass / https://myserver.com:3443/
ProxyPassReverse / https://myserver.com:3443/
</VirtualHost>
Code: Select all
ServerName accounts.myserver.com
ProxyPass / https://myserver.com:9443/
ProxyPassReverse / https://myserver.com:9443/
If I hit https://accounts.myserver.com on the browser, it takes me to keycloak.
Haven't tried with tomcat yet.
Is there a way to reverse proxy all three on the same domain name (myserver.com)?
Thank you in advance