1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

Forward Proxy on behalf of the client instead of as a tunnel

Discussion in 'Apache' started by Dan Frank, Feb 28, 2017.

  1. #1

    I am trying to set Apache up as a forward proxy to help solve an issue that we have where an HTTP Client in our application does not support TLS 1.2 but an API that we need to consume only supports TLS 1.2. What I am attempting to do is use Apache to talk HTTPS/TLS 1.2 to the target API but allow my internal client to talk to the proxy over HTTP.

    There will be 1..N of the target APIs on IPs/URIs that we dont control so we are not able to enumerate the endpoints we will be connecting to. The whole appliance will be deployed into an unknown environment that is out of our control.

    I had it in my head that this was what a forward proxy was going to give me so after having set up a forward proxy and configuring my application to use it I was surprised to see that I was getting exactly the same behavior that I was getting when I had no proxy configured (failure of my internal client to speak TLS 1.2).

    So my question is; can Apache be configured as a FORWARD proxy to speak HTTP with the caller but HTTPS to the callee?

    I have spent a lot of time searching in various archives and the Apache docs but it's entirely possible that I just dont even know what to search for to get a good answer so if this is a dumb question I sincerely apologize for wasting the groups time.

    Thanks in advance for any help.

    Dan Frank, Feb 28, 2017 IP