0 Replies Latest reply on Sep 11, 2015 10:58 AM by tnzeibig

    SSL Java connection thru Proxy question

    tnzeibig

      I've got an Apache https (443) server in front of JBOSS 5.1 using Java 1.6, and this part finally works fine.

      However, the Java does a connect to a payment gateway, and I'm trying to get this to go thru the Apache proxy also.

      My goal is to have the Apache server handle all the TLS communication to the gateway.

       

      a. if I leave out the proxy command, it just goes out without going thru the proxy

      b. if I point the proxy command to the 443 server, I get an error that I'm trying to talk HTTP to HTTPS

      c. if I point the proxy to port 80, the connect shows up in the Apache logs, but I'm not sure whether it then goes out as HTTPS over 443 or just as plain HTTP over 80.

       

      I've pasted some of the config lines below. Is this 'tunneling'?

       

      Any help or direction is greatly appreciated, thanks

      Tom

       

       

      ### the Java connection ###############

      // Target is the payment gateway over HTTPS; host and port come from helpers not shown in this excerpt.
      URL post = new URL( "https", getHostAddress(), getHostPort(), "/somegateway/xyz.dll" );

      HttpURLConnection postConn;

      // Send the request via the local Apache forward proxy on plain-HTTP port 80.
      // NOTE(review): for an "https" URL the JDK's HTTP-proxy support asks the proxy for a
      // tunnel (HTTP CONNECT) and then performs the TLS handshake itself, end to end with the
      // gateway. The proxy only relays encrypted bytes, so protocol version, cipher choice and
      // certificate validation are decided by the JVM (Java 1.6 per the post), not by Apache.
      // Having Apache originate the TLS session would instead need a plain-HTTP request to a
      // reverse-proxy mapping on the Apache side - confirm against the intended design.
      Proxy proxy = new Proxy(Proxy.Type.HTTP, new InetSocketAddress("127.0.0.1",80));

      postConn = (HttpURLConnection)post.openConnection(proxy);

      postConn.setRequestMethod( "POST" );

      // Declares that the request carries a body; the code writing that body is not part of this excerpt.
      postConn.setDoOutput( true );

      // getInputStream() triggers the exchange and exposes the response. No charset is passed to
      // InputStreamReader, so the platform default is used, and the reader is not closed in the lines shown.
      BufferedReader in = new BufferedReader( new InputStreamReader( postConn.getInputStream() ) );

       

       

      ### httpd.conf ##############

      # Plain-HTTP listener. No address is given, so httpd accepts port 80 on every interface.
      Listen 80

      ServerName 127.0.0.1:80

      Include conf/mod-jk.conf

       

      <IfModule proxy_html_module>

      Include conf/extra/proxy-html.conf

      </IfModule>

       

      # ProxyRequests On turns this vhost into a forward proxy: the client names the destination.
      # For https:// destinations the client sends CONNECT and httpd (mod_proxy_connect) relays the
      # encrypted stream unchanged; httpd does not originate TLS to the destination on this path.
      # NOTE(review): no AllowCONNECT line is shown, so the default CONNECT port list applies - confirm.
      <VirtualHost *:80>

      ProxyRequests ON

      </VirtualHost>

      # This access list is the only thing shown that keeps the forward proxy from being open to
      # the network: proxied requests are refused unless they arrive from 127.0.0.1.
      # Order/Deny/Allow is the 2.2-style syntax. NOTE(review): on httpd 2.4 the equivalent is
      # "Require ip 127.0.0.1" - confirm the httpd version. If port 80 exists only for this local
      # proxy, binding the listener to loopback as well would add a second barrier.
      <Proxy *>

      Order deny,allow

      Deny from all

      Allow from 127.0.0.1

      </Proxy>

      Include conf/extra/httpd-ssl.conf

       

      ### httpd-ssl.conf ##############

      # HTTPS listener for inbound client traffic.
      Listen 443

      # Use the server's cipher preference order rather than the client's. No SSLCipherSuite line
      # is shown in this excerpt, so which order is being honoured cannot be told from here.
      SSLHonorCipherOrder on

      # Only SSLv3 is removed. NOTE(review): what "all" still enables depends on the httpd and
      # OpenSSL builds; an explicit allow-list of the TLS versions actually wanted is easier to audit.
      SSLProtocol all -SSLv3

      # Same protocol policy for connections httpd itself opens as a TLS client (proxy side).
      SSLProxyProtocol all -SSLv3

       

      <VirtualHost _default_:443>

      # Lets mod_proxy in THIS vhost speak TLS to https:// backends (reverse-proxy style requests).
      # It is not what carries forward-proxy CONNECT traffic, and no ProxyPass mapping is shown here.
      # NOTE(review): no SSLProxyVerify / SSLProxyCACertificateFile line is shown; without them the
      # backend certificate is not verified by default - confirm before relying on this for a
      # payment gateway connection.
      SSLProxyEngine on

       

      # Every request path on this vhost is handed to the AJP worker node1.
      JkMount /* node1

      # mod_jk status worker, reachable from loopback only.
      <Location /jkstatus/>

      JkMount status

      Order deny,allow

      Deny from all

      Allow from 127.0.0.1

      </Location>

       

      ServerName localhost:443

      # TLS for inbound connections; certificate and key directives are not part of this excerpt.
      SSLEngine on

      </VirtualHost>

       

       

      ### workers.properties ###########

      # node1: AJP 1.3 backend. AJP itself carries no encryption and no shared secret is set here,
      # so the hop relies on staying on loopback (host=localhost) or an otherwise trusted path.
      worker.node1.type=ajp13

      worker.node1.host=localhost

      worker.node1.port=8009

      # A = all connection probe modes enabled.
      worker.node1.ping_mode=A

      worker.list=node1

      # Built-in status worker; it is mapped under /jkstatus/ in the httpd configuration.
      worker.status.type=status

      # NOTE(review): worker.list appears twice; mod_jk documents the directive as repeatable,
      # so both node1 and status should end up exposed - confirm in the jk log.
      worker.list=status

       

      ### mod-jk.conf ###########

      # Load mod_jk and point it at the worker definitions.
      LoadModule jk_module modules/mod_jk.so

      JkWorkersFile conf/workers.properties

       

      # Server-scope mapping: every request path goes to the AJP worker node1.
      JkMount /* node1

       

      # Status worker restricted to loopback clients (same rule as in the 443 vhost).
      # Order/Deny/Allow is 2.2-style access control.
      <Location /jkstatus/>

      JkMount status

      Order deny,allow

      Deny from all

      Allow from 127.0.0.1

      </Location>

       

      ### Server.xml ###

            <!-- AJP listener on 8009, the port the mod_jk worker node1 connects to.
                 NOTE(review): the bind address comes from jboss.bind.address; if that resolves to a
                 non-loopback interface, the unauthenticated AJP port is reachable from the network.
                 Confirm it is limited to the Apache host. -->
            <Connector protocol="AJP/1.3" port="8009" address="${jboss.bind.address}"

               redirectPort="8443" />

       

            <!-- Direct HTTPS connector on 8443. The TLS attributes (keystore, protocols, ciphers)
                 are elided by the poster. NOTE(review): if all client traffic is meant to enter
                 through Apache, confirm 8443 is not reachable from outside. -->
            <Connector protocol="HTTP/1.1" SSLEnabled="true" port="8443" scheme="https" secure="true"

                  keepAliveTimeout="120000" acceptCount="200" maxThreads="100" maxSpareThreads="50" minSpareThreads="15"

                  enableLookups="false"

                  ...

                  />

          

       

            <Engine name="jboss.web" defaultHost="localhost" jvmroute="node1">