Configure Apache as a secure reverse proxy

To configure Apache to work as a secure reverse proxy:

1. Open the httpd.conf file.

2. Uncomment ssl_module:

   LoadModule ssl_module modules/mod_ssl.so

3. Uncomment the httpd-ssl.conf file:

   # Secure (SSL/TLS) connections
   Include conf/extra/httpd-ssl.conf

4. Close the httpd.conf file and open the httpd-ssl.conf file. By default it is in /<apache-directory>/conf/extra.

5. In the httpd-ssl.conf file, activate the SSL port 443:

   Listen 443

6. Add the SSLProtocol parameter:

   SSLProtocol -SSLv2 -SSLv3 +TLSv1

7. Change the cache settings:

   LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
   SSLSessionCache "shmcb:<apacheAbsoluteFolder>/logs/ssl_scache(512000)"

8. Modify the VirtualHost and ServerName parameters:

   <VirtualHost <fully qualified server name>:443>   
   ServerName <fully qualified server name>:443 

9. Add the SSL certificates to the VirtualHost section:

   # Server Certificate
   SSLCertificateFile " /<apache-directory>/conf/WebServerPublicCert.pem"
   # Server Private Key:
   SSLCertificateKeyFile " /<apache-directory>/conf/WebServerPrivateCert.pem"

10. Restart Apache so it will read the new configuration.

    Run <apache-directory>/bin/apachectl -k restart

11. Verify that Apache works as a secure proxy server.

    Go to https://webserver/qcbin. Make sure the OpenText Application Quality Management home page is displayed.

    Note: The web server name must be in FQDN (fully qualified domain name) format when using a secure connection.

12. After verifying that Apache works as a secure proxy server, close the non-secure port.

    1. Open the httpd.conf file.

    2. Comment out the Listen parameter:

       #Listen 80