how to make Apache proxy http requests to https

Question

I'm trying to configure svn mirroring with transparent proxying as described here, but getting hard times with https.
Current setup is:

• master server is available publicly and is protected by https.
  
• slave server is sitting behind a nginx reverse proxy, and serves via http, but nginx is protecting all the external traffic with https.
  

so I managed to setup svnsync to work over this weird setup, but struggling with writethruproxy:
mod_proxy_http does not like https on the other end and says this:

[debug] proxy_util.c(1525): [client ccc.ccc.ccc.ccc] proxy: *: found reverse proxy worker for https://xxx.xxx.xxx.xxx:yyyy/svn/my_repo/!svn/me
[debug] mod_proxy.c(1020): Running scheme https handler (attempt 0)
[debug] mod_proxy_http.c(1954): proxy: HTTPS: declining URL https://xxx.xxx.xxx.xxx:yyyy/svn/my_repo/!svn/me (mod_ssl not configured?)
[debug] mod_proxy_ajp.c(677): proxy: AJP: declining URL https://xxx.xxx.xxx.xxx:yyyy/svn/my_repo/!svn/me
[debug] mod_proxy_ftp.c(842): proxy: FTP: declining URL https://xxx.xxx.xxx.xxx:yyyy/svn/my_repo/!svn/me - not ftp:
[debug] mod_proxy_connect.c(100): proxy: CONNECT: declining URL https://xxx.xxx.xxx.xxx:yyyy/svn/my_repo/!svn/me
[warn] proxy: No protocol handler was valid for the URL /svn/brisbane/!svn/me. If you are using a DSO version of mod_proxy, make sure the proxy submodules are included in the configuration using LoadModule.

TLDR: is there any way I could configure mod_ssl and mod_proxy_http to forward http traffic to https?

• TIA

Answer 1

You'll first need to enable mod_ssl (e.g. a2enmod ssl on a Debian/Ubuntu box, or alter the configuration to load the module as required on your installation).

Then, you'll need to configure the SSLProxy* directives as indicated in the mod_proxy documentation, more specifically, at least SSLProxyCACertificateFile or SSLProxyCACertificatePath with which CA you're willing to trust (since your Apache Httpd server will be a client in that respect).