how to handle multiple apps via port 443
Solution 1
This can certainly be achieved, and the way you would do it depends upon how your apps run; if they are served by your web server simply listening on certain ports, then you would need to amend your configurations to use VirtualHosts similar to the following:
<VirtualHost *:443>
ServerAlias app1.com
DocumentRoot /var/www/html/app1 #or however this app is configured
[the rest of your configuration directives for the app]
</VirtualHost>
<VirtualHost *:443>
ServerAlias app2.com
[As above but for app2]
</VirtualHost>
Whereas, if your apps are being served by other processes listening on the ports you have noted, then you could set it up using a structure similar to the above, but utilising reverse proxies to serve the apps via port 443, for example:
<VirtualHost *:443>
ServerAlias app1.com
ProxyPreserveHost on
SSLProxyEngine On
ProxyPass / http://localhost:5443/ #change the port here for the app in question
ProxyPassReverse / http://localhost:5443/ # change the port here for the app in question
SSLEngine on
[SSL directives as appropriate for your requirements]
</VirtualHost>
<VirtualHost *:443>
ServerAlias app2.com
ProxyPreserveHost on
SSLProxyEngine On
ProxyPass / http://localhost:5443/ #change the port here for the app in question
ProxyPassReverse / http://localhost:5443/ # change the port here for the app in question
SSLEngine on
[SSL directives as appropriate for your requirements]
</VirtualHost>
This way, the SSL is handled by the web server, with the http requests passed back to whichever app is listening on the ports listed - and the apps are differentiated via host name requested. It is worth noting that if the apps are listening on these ports and replying only over SSL, it will be advisable to disable SSL from them (and run it via Apache as instructed above - once configured, also of course close those ports in your firewall if they are currently opened externally).
Solution 2
If you are using OHS then better to use proxy plugin mod_wl_ohs.conf file to do reverse proxy. In mod_wl_ohs.conf you can add below lines
Check http://docs.oracle.com/cd/E28280_01/web.1111/e37889/oracle.htm#PLGWL510 for further info
By this you no more need extra virtual hosts and use OHS 443 to route to multiple weblogic instances
Related videos on Youtube
tcarlson
Updated on September 18, 2022Comments
-
tcarlson over 1 year
I am not an expert by any means in regard to apache (in our case Oracle's version of apache, OHS) and redirecting input within httpd.conf. We have multiple applications deployed on WLS 10.3.5 on the same server and would like to have them all accessed via port 443.
Of course, not all the apps can be deployed on 443 we would then receive an error that the port is in use.
For example, we have app1 deployed on 3443, app2 deployed on 4443, and app3 on 5443. Our client, would like to be able to simply enter https:///app1 (or app2 or app3) and not https://:3443/app1 (or :4443/app2 or :5443/app3).
Is it possible to do this within the httpd.conf (or ssl.conf)? Is it possible to have the URLs only use 443 and then within the conf files redirect to where the apps are actually deployed (3443, 4443, and 5443)?
-
Tero Kilkanen over 9 yearsYes, this is possible. Google for
Apache reverse proxy
and you will find help. -
Jenny D over 9 yearsEither reverse proxy, or using virtual hosts, or mod_rewrite, or any combination thereof.
-
BE77Y over 9 yearsIt's significantly more constructive to post an answer rather than commenting your 'answer' below the question, you two!
-
-
tcarlson over 9 yearsIn the above example (and the prior one) I see the ServerAlias as app1.com and app2.com. Forgive my ignorance, but our server names for our examples are all the same... not on app1.com or app2.com. In the ProxyPass example, since the only difference with the URLs is the app name would the first "/" in ProxyPass and ProxyPassReverse be the "/app1" or "/app2"?
-
grag42 over 9 yearsBE77Y's answer is more detailed. will use for reference.
-
grag42 over 9 yearsThe
ServerAlias
in line 2 is the URL the server is listening for. The / inproxypass
line 6 says everything after the url including the base url will be passed to the new URL . SO on one system you can have all three urls hosted on the same site.https://apps1
and the others all on 443. users will go the the url they want and be redirected appropriately to the actual sitehttps://yoursite:3443/
. -
grag42 over 9 yearsI see the confusion. it was hard to see the 3 slashes in your original post. the proxypass would be
ProxyPass /app1 https://yourserver:3443/app1
with matchingProxyPassReverse
and duplicated and updated for the other 2 instances -
tcarlson over 9 yearsSorry for the shorthand /// was running tight on characters. Therefore, if the URL is yourserver.com/app1, the ServerAlias would be yourserver.com and the ProxyPass would be / yourserver.com:3443/app1 with ProxyPassReverse matching, correct? And then of course the same for the other 2.
-
BE77Y over 9 yearsIt does seem to be a little more than coincidental that your original post seems to have been edited after the fact to include the extra information you require, directly pulled from my answer below! I should note however, that there are some configuration errors in the above which will prevent it from working - and inconsistencies, for example; your app1 has the forward proxy going via http and the reverse via https - etc.