Trouble configuring apache server to proxy an SSL connection


The error you're getting is probably due to the fact that your client (Firefox) is trying to use SSL, but your Apache virtual host does not have SSL enabled.

In order for your clients to be able to communicate via SSL with your front-end proxy, you're going to need to do SSL on the front-end, not in Tomcat. You gain absolutely nothing by using SSL between Apache and Tomcat.

In your <VirtualHost> block, you're going to need at least:

SSLEngine On
SSLCertificateFile ...
SSLCertificateKeyFile ...

Also, note that SELinux has absolutely nothing to do with SSL, other than the fact that a misconfigured SELinux environment could prevent Apache from being able to read the necessary SSL certificates.

If you're not using Apache as anything other than a simple proxy and you're really not comfortable with Apache configuration you could in theory get rid of it and just have Tomcat listen on port 443 (by modifying the appropriate Connector block).
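As an added example (not the answer's own configuration), here is the questioner's port-443 virtual host rewritten along the lines described above: Apache terminates TLS itself and proxies plain HTTP to the Tomcat connector on 8180 that already works for port 80. Certificate paths are placeholders, and mod_ssl, mod_proxy_http and mod_headers are assumed to be loaded.

```apache
# Added example, not the original answer's text. Listen 443 usually lives in
# the distribution's ssl.conf / ports.conf; it is shown here for completeness.
Listen 443
NameVirtualHost www.mysite.com:443

<VirtualHost www.mysite.com:443>
    # ServerName is a host name, not a URL (the question used https://...).
    ServerName www.mysite.com

    # This is the missing piece. Without SSLEngine On, Apache answers port 443
    # with plain HTTP, and the browser reports ssl_error_rx_record_too_long /
    # ERR_SSL_PROTOCOL_ERROR because an HTTP response is not a TLS record.
    SSLEngine On
    SSLCertificateFile      /etc/ssl/certs/www.mysite.com.crt     # placeholder
    SSLCertificateKeyFile   /etc/ssl/private/www.mysite.com.key   # placeholder
    # Include the intermediate chain if the issuer supplied one (placeholder).
    SSLCertificateChainFile /etc/ssl/certs/www.mysite.com-chain.crt
    # The key file should be readable only by root; Apache reads it at startup.

    # Back-end hop is plain HTTP on localhost, so SSLProxyEngine is not needed
    # and Tomcat's 8443 APR connector can stay unused.
    ProxyPreserveHost On
    ProxyRequests Off
    ProxyPass        / http://localhost:8180/MYSITE/
    ProxyPassReverse / http://localhost:8180/MYSITE/
    ProxyPassReverseCookiePath /MYSITE/ /

    # Tells Tomcat the client-facing scheme was https (honoured only if Tomcat's
    # RemoteIpValve is configured to trust it). Like Front-End-Https, this is
    # informational: setting a header never enables TLS anywhere.
    RequestHeader set X-Forwarded-Proto "https"
</VirtualHost>
```

After restarting Apache, `openssl s_client -connect www.mysite.com:443 -servername www.mysite.com` should show a completed handshake and the certificate chain instead of a protocol error.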


Author: vivri

Updated on September 18, 2022

Comments

  • vivri
    vivri over 1 year

    I'm running an application on Tomcat7 with Apache Portable Runtime, I bought an SSL certificate and configured it correctly - when I try to connect through the ip:port combination, it connects fine but warns me the certificate is issued to the domain name, not the IP.

    The VPS I'm on doesn't have SELinux (and there's an issue installing), which is AFAIK required to have SSL be configured in apache, so I want to just route the requests to Tomcat, which does it on its end.

    I configured apache to proxy the connections, first with port 80 that works perfectly:

    NameVirtualHost www.mysite.com:80
    <VirtualHost www.mysite.com:80>
    ProxyPreserveHost On
    ProxyRequests Off
    ServerName http://www.mysite.com
    ServerAlias http://www.mysite.com
    ProxyPass / http://localhost:8180/MYSITE/
    ProxyPassReverse / http://localhost:8180/MYSITE/
    ProxyPassReverseCookiePath /MYSITE/ /
    </VirtualHost>
    

    And then with the SSL port that doesn't want to work for some reason:

    NameVirtualHost www.mysite.com:443
    <VirtualHost www.mysite.com:443>
            SSLProxyEngine On
            ProxyPreserveHost On
            ProxyRequests Off
            ServerName https://www.mysite.com
            ServerAlias https://www.mysite.com
            ProxyPass / https://localhost:8443/MYSITE/
            ProxyPassReverse / https://localhost:8443/MYSITE/
            ProxyPassReverseCookiePath /MYSITE/ /
            CacheDisable *
    </VirtualHost>
    

    EDIT: I added the

    RequestHeader set Front-End-Https "On"
    

    directive to the VirtualHost www.mysite.com:443, as per: http://www.gossamer-threads.com/lists/apache/users/396577

    Here is the Tomcat APR Connector as configured in Tomcat's server.xml -

    <Connector port="8443" maxHttpHeaderSize="16500"
                     maxThreads="150"
                     enableLookups="false" disableUploadTimeout="true"
                     acceptCount="100" scheme="https" secure="true"
                     SSLEnabled="true"
                     SSLCertificateFile="x509-cert-path"
                     SSLCertificateKeyFile="key-file-path"
     />
    

    There were no errors/warnings enabling the virtual hosts and restarting apache. When I try to https, this is what I see in FFox:

    SSL received a record that exceeded the maximum permissible length.
    
    (Error code: ssl_error_rx_record_too_long)
    

    And in Chromium:

    Error 107 (net::ERR_SSL_PROTOCOL_ERROR): SSL protocol error.
    

    Apache's error.log shows this warning message:

    [warn] [client 216.58.38.90] proxy: no HTTP 0.9 request (with no host line) on incoming request and preserve host set forcing hostname to be www.mysite.com for uri /
    

    I've spent days trying to configure it, and would be very grateful if someone explained what's going on and how to fix it.

    Many thanks. Victor.

  • vivri
    vivri over 10 years
    Thanks for your answer! I was under the impression the "RequestHeader set Front-End-Https "On"" directive instructed Apache to terminate SSL on the back end of the proxy.
  • user2751502
    user2751502 over 10 years
    The RequestHeader directive only modifies headers, it doesn't have any operational impact.
  • vivri
    vivri over 10 years
    I tried to https locally (wget localhost:8443/MYSITE), and it was refused because the cert was issued for www.mysite.com and not the local ip.. maybe that's the issue? In that case, I'll really have to configure SSL on Apache...
  • user2751502
    user2751502 over 10 years
    You have to configure SSL in Apache in any case. In your current configuration Apache is speaking normal HTTP while your clients are trying to speak SSL.
  • vivri
    vivri over 10 years
    I think someone figured it out w/o configuring apache - stackoverflow.com/questions/6764852/proxying-with-ssl, but it didn't work for me. Is it possible though?
  • user2751502
    user2751502 over 10 years
    They're using SSL in Apache (GNUTLSEnable On). It's simply NOT POSSIBLE to make this work without configuring SSL in Apache if you expect your clients to be speaking SSL.