I don't know why I am having such difficulty. I have setup Apache and Nginx in the past. I must be missing something.
I have allowed port 80 and 443 in the incoming firewall settings. I added a virtual server to proxypass as follows:
Virtual host: home.[mydomain].ca
Target server: internal_iport
Target path: left blank
Validate SSL on connection to target: Disabled
I also have the web server installed as I assumed it was needed for some reason. They both point to the same domain could that be the issue? Do they conflict or work together?
I also tried another domain name that points to the ClearOS WAN IP and get a 404 error with the web server turned on and a "can not connect.." error with the web server turned off.
Any assistance is greatly appreciated.
Yes, you can use ProxyPass with or without SSL to forward external requests to internal webservers and the chosen SSL certificate does indeed get passed on. I use it for a couple of Servers and use Lets Encrypt Certs as well.
Its not that hard to configure and you should get the hang of it in about 10 to 15 minutes. Haven't tried it with multiple domains though but with Subdomains pointing to different internal servers it works just fine so i guess it would work with TLD's as well.
Things to remember when setting it up:
Target server: Depending on which Protocol you choose (http/https or both) you enter the corresponding http://internal-serverip or https://internal-serverip
Target path: If you want to simply point it to the internal servers main root folder you can leave it empty otherwise /foldername
The rest should be self explanatory
Hope this helps you out otherwise don't hesitate to ask
I purchased proxypass the other day assuming it was a front end for Nginx. My goal is to use it to consolidate multiple servers behind the firewall and have it provide ssl with the cert from lets encrypt. The servers behind the firewall are not running ssl. The documentation amounts to little more than a tooltip. I think that I may need ssl on the web servers but would like the ins and outs. Can the web server run without ssl? If it need ssl cert be self signed? Does it get passed right through proxypass?
Thanks in advance.
The strange part is that deleting the letsencrypt folder removes the missing certificate errors and lets me start over. I have the original backed up. When I try to get a new cert, it seems to work, a bunch of info is displayed and the folder is recreated and certs are added. I restored the backup and no have the "Ooooops: Certificate not found." error on the Lets Encrypt page as well as the missing certificates error on the cert manager page. I ran the grep commands and this is what I get.
Here are the files:
I noticed that the certs have a 1 in the name but the symbolic links do not. Not sure if that could be the issue. I guess it depends on if the apps access the certs via link or directly. Now I have requested certs too many times and have reached the certbot limit. The /etc/pki/CA/sys-0-cert.pem cert is still in place as well.
I just installed Lets Encrypt and was able to obtain a new cert. When I click on "Return to Summary", all I get is a blank page with "Ooooops: Certificate not found." in the top left. I can no longer the Lets Encrypt tab in the System>Security>Lets Encrypt folder.
Also, when I System>Settings>General Settings I see a Certificate not found error. The original self-signed cert is not even displayed.
If I delete the /etc/letsencrypt folder. I can start over, but I get the same results.
Is there a bug or could I have done something wrong?
I do not have the webserver installed, but I do have proxypass installed.
Works great!!! I initially messed the config up and did not realize that each remote site needed its own config and port. Thank you for your help.
The server side is an unmanned power generation facility and the remote site is the corporate office. Now I would like to block access to the office from the site running the server. I want the remote site to access everything at the power generation facility but block access to the to the office from the server side. Field staff and contractors use the wifi at the site and I don't want them accessing file shares etc at head office.
Any assistance would be greatly appreciated.