how to handle multiple apps via port 443

apache-2.2 redirect httpd.conf port-443

5,469

Solution 1

This can certainly be achieved, and the way you would do it depends upon how your apps run; if they are served by your web server simply listening on certain ports, then you would need to amend your configurations to use VirtualHosts similar to the following:

<VirtualHost *:443>
    ServerAlias app1.com
    DocumentRoot /var/www/html/app1    #or however this app is configured   
    [the rest of your configuration directives for the app]
</VirtualHost>

<VirtualHost *:443>
    ServerAlias app2.com
    [As above but for app2]
</VirtualHost>

Whereas, if your apps are being served by other processes listening on the ports you have noted, then you could set it up using a structure similar to the above, but utilising reverse proxies to serve the apps via port 443, for example:

<VirtualHost *:443>
    ServerAlias app1.com
    ProxyPreserveHost on

    SSLProxyEngine On
    ProxyPass / http://localhost:5443/ #change the port here for the app in question
    ProxyPassReverse / http://localhost:5443/ # change the port here for the app in question

  SSLEngine on
  [SSL directives as appropriate for your requirements]
</VirtualHost>

<VirtualHost *:443>
    ServerAlias app2.com
    ProxyPreserveHost on


    SSLProxyEngine On
    ProxyPass / http://localhost:5443/ #change the port here for the app in question
    ProxyPassReverse / http://localhost:5443/ # change the port here for the app in question

  SSLEngine on
  [SSL directives as appropriate for your requirements]
</VirtualHost>

This way, the SSL is handled by the web server, with the http requests passed back to whichever app is listening on the ports listed - and the apps are differentiated via host name requested. It is worth noting that if the apps are listening on these ports and replying only over SSL, it will be advisable to disable SSL from them (and run it via Apache as instructed above - once configured, also of course close those ports in your firewall if they are currently opened externally).

Solution 2

If you are using OHS then better to use proxy plugin mod_wl_ohs.conf file to do reverse proxy. In mod_wl_ohs.conf you can add below lines

enter image description here

Check http://docs.oracle.com/cd/E28280_01/web.1111/e37889/oracle.htm#PLGWL510 for further info

By this you no more need extra virtual hosts and use OHS 443 to route to multiple weblogic instances

5,469

tcarlson

Updated on September 18, 2022

Comments

tcarlson over 1 year

I am not an expert by any means in regard to apache (in our case Oracle's version of apache, OHS) and redirecting input within httpd.conf. We have multiple applications deployed on WLS 10.3.5 on the same server and would like to have them all accessed via port 443.

Of course, not all the apps can be deployed on 443 we would then receive an error that the port is in use.

For example, we have app1 deployed on 3443, app2 deployed on 4443, and app3 on 5443. Our client, would like to be able to simply enter https:///app1 (or app2 or app3) and not https://:3443/app1 (or :4443/app2 or :5443/app3).

Is it possible to do this within the httpd.conf (or ssl.conf)? Is it possible to have the URLs only use 443 and then within the conf files redirect to where the apps are actually deployed (3443, 4443, and 5443)?
- Tero Kilkanen over 9 years
  
  Yes, this is possible. Google for Apache reverse proxy and you will find help.
- Jenny D over 9 years
  
  Either reverse proxy, or using virtual hosts, or mod_rewrite, or any combination thereof.
- BE77Y over 9 years
  
  It's significantly more constructive to post an answer rather than commenting your 'answer' below the question, you two!
tcarlson over 9 years

In the above example (and the prior one) I see the ServerAlias as app1.com and app2.com. Forgive my ignorance, but our server names for our examples are all the same... not on app1.com or app2.com. In the ProxyPass example, since the only difference with the URLs is the app name would the first "/" in ProxyPass and ProxyPassReverse be the "/app1" or "/app2"?
grag42 over 9 years

BE77Y's answer is more detailed. will use for reference.
grag42 over 9 years

The ServerAlias in line 2 is the URL the server is listening for. The / in proxypass line 6 says everything after the url including the base url will be passed to the new URL . SO on one system you can have all three urls hosted on the same site. https://apps1 and the others all on 443. users will go the the url they want and be redirected appropriately to the actual site https://yoursite:3443/ .
grag42 over 9 years

I see the confusion. it was hard to see the 3 slashes in your original post. the proxypass would be ProxyPass /app1 https://yourserver:3443/app1 with matching ProxyPassReverse and duplicated and updated for the other 2 instances
tcarlson over 9 years

Sorry for the shorthand /// was running tight on characters. Therefore, if the URL is yourserver.com/app1, the ServerAlias would be yourserver.com and the ProxyPass would be / yourserver.com:3443/app1 with ProxyPassReverse matching, correct? And then of course the same for the other 2.
BE77Y over 9 years

It does seem to be a little more than coincidental that your original post seems to have been edited after the fact to include the extra information you require, directly pulled from my answer below! I should note however, that there are some configuration errors in the above which will prevent it from working - and inconsistencies, for example; your app1 has the forward proxy going via http and the reverse via https - etc.