How to make an SSL proxy on Apache server?

System Information
  • Strapi Version: 3.4.1
  • Operating System: Ubuntu
  • Node Version: 14.10.1
  • NPM Version: 6.14.8

Hello there! I surf a lot of Google this day, but still unable to find any good information about my problem. I successfully published my strapi on the Apache server, so it is accessible within http://servername:3009 (3009 is allowed for public), then I tried to make it HTTPS, and I stuck. I’m not good in Apache (almost zero), but as I understand the only way to do it is proxing, so my idea was to publish strapi to private port 3010, and configure httpd.conf to redirect public :3009 to private :3010, and I have no idea how should it works.

Here is an example of my latest httpd.conf

<VirtualHost *:3009>
ServerAdmin blabla@blabla.com
ServerName blabla
ServerAlias www.blabla.com
ProxyPreserveHost On

<Proxy *>
    Order allow,deny
    Allow from all
</Proxy>

ProxyPass / http://localhost:3010/
ProxyPassReverse / http://localhost:3010/

Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/blabla.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/blabla.com/privkey.pem

And example of strapi server.js

module.exports = ({ env }) => ({
host: env(‘HOST’, ‘0.0.0.0’),
port: env.int(‘PORT’, 3010),
url: env(‘PUBLIC_URL’, ‘https:/blabla.com:3009’),
proxy: env.bool(‘IS_PROXIED’, true),
admin: {
auth: {
secret: env(‘ADMIN_JWT_SECRET’, ‘643…6fc0’),
},
},
});

Is there any patterns on how to do it with Apache?
Please, help me, I’m about leave the idea to use strapi))

Ok, i found a solution to make strapi ssl enabled ( apache2 ) :slight_smile:

first, have theses modules enabled :

sudo a2enmod ssl
sudo a2enmod proxy
sudo a2enmod proxy_balancer
sudo a2enmod proxy_http

and this is the tip :

in /etc/apache2/sites-available/strapi.mysite.fr-le-ssl.conf : 
<VirtualHost strapi.mysite.fr:443>
    ServerName strapi.mysite.fr
 ServerAlias strapi.mysite.fr
        
                ProxyPreserveHost On
                ProxyPass / http://strapi.mysite.fr:1337/
                ProxyPassReverse / http://strapi.mysite.fr:1337/
        
         SSLProxyEngine On

<Proxy *>
    Order allow,deny
    Allow from all
</Proxy>

Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/strapi.mysite.fr/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/strapi.mysite.fr/privkey.pem
</VirtualHost>
</IfModule>

and you can see > https://strapi.mysite.fr/ is redirected from http://strapi.mysite.fr:1337 and works .

enjoy

1 Like

I tried a LOT of various settings, from a bunch of different sites… this post helped immensely. Thanks!

It’s frustrating when you’re chugging along on your dev server and then you push it up to prod and feel the failure…