Bug#880195: closed for me

To: 880195@bugs.debian.org <880195@bugs.debian.org>
Subject: Bug#880195: closed for me
From: Hans-Willi Werres <eMail@WilliWerres.de>
Date: Fri, 28 Sep 2018 09:34:37 +0000
Message-id: <[🔎] kcis.5584178E6CAD46B7B4A2FA020F134657@kopano.fritz.box>
Reply-to: Hans-Willi Werres <eMail@WilliWerres.de>, 880195@bugs.debian.org
References: <150937142504.7069.6972127767786094160.reportbug@libor-nb.bcom.local>

Title: closed for me

Hi,

I'v tested again and this config is OK for proxying proxmox (including vnc):

ServerName <Extern.Sitename.de>

ErrorLog ${APACHE_LOG_DIR}/Proxy_<Extern.Sitename.de>_error.log

CustomLog ${APACHE_LOG_DIR}/Proxy_<Extern.Sitename.de>_access.log combined

UseCanonicalPhysicalPort Off

UseCanonicalName Off

DocumentRoot /var/www/html/

SSLEngine on

SSLCertificateFile /etc/letsencrypt/live/<Extern.Sitename.de>/fullchain.pem

SSLCertificateKeyFile /etc/letsencrypt/live/<Extern.Sitename.de>/privkey.pem

ProxyRequests Off

ProxyPreserveHost On

#SSL Connect

SSLProxyVerify none

SSLProxyCheckPeerCN off

SSLProxyCheckPeerName off

SSLProxyCheckPeerExpire off

# HSTS (mod_headers is required) (15768000 seconds = 6 months)

#Header always set Strict-Transport-Security "max-age=15768000"

# Encoded slashes need to be allowed

AllowEncodedSlashes NoDecode

RewriteEngine on

RewriteCond %{HTTP:Connection} Upgrade [NC]

RewriteCond %{HTTP:Upgrade} websocket [NC]

RewriteRule /(.*) wss://127.0.0.1:8006/$1 [P,L]

SSLProxyEngine on

ProxyRequests off

#block Proxy for letsencrypt verification!

ProxyPass /.wellknown !

ProxyPass / https://127.0.0.1:8006/ flushpackets=On connectiontimeout=300 timeout=300

ProxyPassReverse / https://127.0.0.1:8006/

ProxyTimeout 600

</VirtualHost>

Reply to: