SyntaxFix

[apache] Error during SSL Handshake with remote server

I have Apache2 (listening on 443) and a web app running on Tomcat7 (listening on 8443) on Ubuntu.

I set apache2 as reverse proxy so that I access the web app through port 443 instead of 8443. Besides, I need to have SSL communication not only between browser and apache2 but also between apache2 and tomcat7, thus I set SSL on both apache2 and tomcat7. If I try to access the web app by directly contacting tomcat7, everything is fine. The problem is that when I try to access the tomcat's web app through apache2 (reverse proxy), on the browser appears the error:

Proxy Error
The proxy server could not handle the request GET /web_app.
Reason: Error during SSL Handshake with remote server

This question is related to apache tomcat ssl reverse-proxy

The answer is

The comment by MK pointed me in the right direction.

In the case of Apache 2.4 and up, there are different defaults and a new directive.

I am running Apache 2.4.6, and I had to add the following directives to get it working:

SSLProxyEngine on
SSLProxyVerify none 
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off

Faced the same problem as OP:

  • Tomcat returned response when accessing directly via SOAP UI
  • Didn't load html files
  • When used Apache properties mentioned by the previous answer, web-page appeared but AngularJS couldn't get HTTP response

Tomcat SSL certificate was expired while a browser showed it as secure - Apache certificate was far from expiration. Updating Tomcat KeyStore file solved the problem.

I have 2 servers setup on docker, reverse proxy & web server. This error started happening for all my websites all of a sudden after 1 year. When setting up earlier, I generated a self signed certificate on the web server.

So, I had to generate the SSL certificate again and it started working...

openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout ssl.key -out ssl.crt

Source: Stackoverflow.com

Examples related to apache

Enable PHP Apache2 Switch php versions on commandline ubuntu 16.04 Laravel: PDOException: could not find driver How to deploy a React App on Apache web server Apache POI error loading XSSFWorkbook class How to enable directory listing in apache web server Job for httpd.service failed because the control process exited with error code. See "systemctl status httpd.service" and "journalctl -xe" for details How to enable php7 module in apache? java.lang.RuntimeException: Unable to instantiate org.apache.hadoop.hive.ql.metadata.SessionHiveMetaStoreClient The program can't start because api-ms-win-crt-runtime-l1-1-0.dll is missing while starting Apache server on my computer

Examples related to tomcat

Jersey stopped working with InjectionManagerFactory not found The origin server did not find a current representation for the target resource or is not willing to disclose that one exists. on deploying to tomcat Spring boot: Unable to start embedded Tomcat servlet container Tomcat 404 error: The origin server did not find a current representation for the target resource or is not willing to disclose that one exists Spring Boot application in eclipse, the Tomcat connector configured to listen on port XXXX failed to start Kill tomcat service running on any port, Windows Tomcat 8 is not able to handle get request with '|' in query parameters? 8080 port already taken issue when trying to redeploy project from Spring Tool Suite IDE 403 Access Denied on Tomcat 8 Manager App without prompting for user/password Difference between Xms and Xmx and XX:MaxPermSize

Examples related to ssl

Requests (Caused by SSLError("Can't connect to HTTPS URL because the SSL module is not available.") Error in PyCharm requesting website A fatal error occurred while creating a TLS client credential. The internal error state is 10013 curl: (35) error:1408F10B:SSL routines:ssl3_get_record:wrong version number How to install OpenSSL in windows 10? ssl.SSLError: tlsv1 alert protocol version Invalid self signed SSL cert - "Subject Alternative Name Missing" "SSL certificate verify failed" using pip to install packages ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:749) Powershell Invoke-WebRequest Fails with SSL/TLS Secure Channel "ssl module in Python is not available" when installing package with pip3

Examples related to reverse-proxy

Nginx reverse proxy causing 504 Gateway Timeout From inside of a Docker container, how do I connect to the localhost of the machine? Error during SSL Handshake with remote server Configure Nginx with proxy_pass nginx - read custom header from upstream server Proxy with express.js How to serve all existing static files directly with NGINX, but proxy the rest to a backend server. What's the difference between a proxy server and a reverse proxy server?

Tags

Cxf Gnu-assembler Languageservice Iphone-3gs Popup-blocker Time-select Edge-detection Emacs-ediff Security-context Linker-warning Svn-trunk Wsdl Servletunit Apache-portable-runtime Replay To-char Listadapter Expandablelistview Simian Ping Pear Avr-gcc Vbo Scrolledwindow Time-management Er-diagrams Cluster-analysis Disparity-mapping Jvcl Erlangweb Jit Grails-validation Moc Windows-server-2003 Aggregate Scrollable-table Netbeans6.8 Master-pages Sleep Spring-ws Wnck Step C2664 Clipboard-pictures Grouplayout Crc-cards Rsls Hebrew Monodevelop Controlfile Mysql.sock Profiling Collada Coledatetime Webresource Openvpn Pgp-desktop Maxstringcontentlength Substance U3d Exception Audio-player Birthday-paradox Testing-strategies Daterangepicker Drivers Null-layout-manager Radial-gradients Data-link-layer High-contrast Rows Assertions Mono-service Bugzscout Section508 Visual-studio-project Similarity Smtps Directive Hardware-acceleration Myfaces Orbital-mechanics Mojo Pdf-form Output-parameter Lock-in Favorite Malware Byval Uniqueidentifier Asynchronous-pages Minibuffer Gambling Sqlj Dynamic-language-runtime Couchdb Forums Bad-request Yield Swingx