SSL Java connection thru Proxy question
tnzeibig Sep 11, 2015 10:58 AMI've got an Apache https (443) server in front of JBOSS 5.1 using Java 1.6, and this part finally works fine.
However, the Java does a connect to a payment gateway, and I'm trying to get this to go thru the Apache proxy also.
My goal is to have the Apache server handle all the TLS communication to the gateway.
a. if I leave out the proxy command, it just goes out without going thru the proxy
b. if I point the proxy command to the 443 server, I get an error that I'm trying to talk HTTP to HTTPS
c. if I point the proxy to port 80, the connect shows up in the apache logs, but not sure this is then going out as https over 443 or just over 80?
I've pasted some of the config lines below. Is this 'tunneling'?
Any help or direction is greatly appreciated, thanks
Tom
### the Java connection ###############
URL post = new URL( "https", getHostAddress(), getHostPort(), "/somegateway/xyz.dll" );
HttpURLConnection postConn;
Proxy proxy = new Proxy(Proxy.Type.HTTP, new InetSocketAddress("127.0.0.1",80));
postConn = (HttpURLConnection)post.openConnection(proxy);
postConn.setRequestMethod( "POST" );
postConn.setDoOutput( true );
BufferedReader in = new BufferedReader( new InputStreamReader( postConn.getInputStream() ) );
### httpd.conf ##############
Listen 80
ServerName 127.0.0.1:80
Include conf/mod-jk.conf
<IfModule proxy_html_module>
Include conf/extra/proxy-html.conf
</IfModule>
<VirtualHost *:80>
ProxyRequests ON
</VirtualHost>
<Proxy *>
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Proxy>
Include conf/extra/httpd-ssl.conf
### httpd-ssl.conf ##############
Listen 443
SSLHonorCipherOrder on
SSLProtocol all -SSLv3
SSLProxyProtocol all -SSLv3
<VirtualHost _default_:443>
SSLProxyEngine on
JkMount /* node1
<Location /jkstatus/>
JkMount status
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Location>
ServerName localhost:443
SSLEngine on
</VirtualHost>
### workers.properties ###########
worker.node1.type=ajp13
worker.node1.host=localhost
worker.node1.port=8009
worker.node1.ping_mode=A
worker.list=node1
worker.status.type=status
worker.list=status
### mod-jk.conf ###########
LoadModule jk_module modules/mod_jk.so
JkWorkersFile conf/workers.properties
JkMount /* node1
<Location /jkstatus/>
JkMount status
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Location>
### Server.xml ###
<Connector protocol="AJP/1.3" port="8009" address="${jboss.bind.address}"
redirectPort="8443" />
<Connector protocol="HTTP/1.1" SSLEnabled="true" port="8443" scheme="https" secure="true"
keepAliveTimeout="120000" acceptCount="200" maxThreads="100" maxSpareThreads="50" minSpareThreads="15"
enableLookups="false"
...
/>
<Engine name="jboss.web" defaultHost="localhost" jvmroute="node1">