[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#880195: closed for me

Title: closed for me


I'v tested again and this config is OK for proxying proxmox (including vnc):

<VirtualHost *:443>
    ServerName <Extern.Sitename.de>

    ErrorLog  ${APACHE_LOG_DIR}/Proxy_<Extern.Sitename.de>_error.log
    CustomLog ${APACHE_LOG_DIR}/Proxy_<Extern.Sitename.de>_access.log combined

    UseCanonicalPhysicalPort Off
    UseCanonicalName         Off
    DocumentRoot             /var/www/html/

    SSLEngine on
    SSLCertificateFile    /etc/letsencrypt/live/<Extern.Sitename.de>/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/<Extern.Sitename.de>/privkey.pem

    ProxyRequests Off
    ProxyPreserveHost On

    #SSL Connect
    SSLProxyVerify none
    SSLProxyCheckPeerCN off
    SSLProxyCheckPeerName off
    SSLProxyCheckPeerExpire off

    # HSTS (mod_headers is required) (15768000 seconds = 6 months)
    #Header always set Strict-Transport-Security "max-age=15768000"

    # Encoded slashes need to be allowed
    AllowEncodedSlashes     NoDecode

    RewriteEngine on
    RewriteCond %{HTTP:Connection} Upgrade [NC]
    RewriteCond %{HTTP:Upgrade} websocket [NC]
    RewriteRule /(.*) wss://$1  [P,L]

    SSLProxyEngine   on
    ProxyRequests    off

    #block Proxy for letsencrypt verification!
    ProxyPass        /.wellknown !
    ProxyPass        / flushpackets=On connectiontimeout=300 timeout=300
    ProxyPassReverse /
    ProxyTimeout     600


Reply to: