I may be using the setup you describe. I have Webmin to manage services
(independent of Apache) and access it over https (using a (browser-trusted)
certificate I made).
Webmin could be accessed with either the :<port> ending or a subdomain (via
reverse-proxing). But now I can only access via :<port> , so something is not
working properly.
Anyway my extra config file contained:
<IfModule mod_ssl.c>
SSLUseStapling On
SSLStaplingCache "shmcb:logs/stapling-cache(150000)"
<VirtualHost _default_:${APACHE_SSL_PORT}>
SSLEngine on
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
SSLProxyEngine On
ProxyRequests Off
ProxyPreserveHost Off
SSLProxyCheckPeerCN Off
SSLProxyCheckPeerName Off
<IfDefine APACHE_LOG_DIR>
ServerAdmin ${APACHE_ADM_EMAIL}
ServerName webmin.${APACHE_SVR_NAME}
ErrorLog ${APACHE_LOG_DIR}/error.ssl.log
CustomLog
${APACHE_LOG_DIR}/access.ssl.log combined
SSLCertificateFile ${APACHE_SSL_CRT}
SSLCertificateKeyFile ${APACHE_SSL_KEY}
SSLCertificateChainFile ${APACHE_SSL_CHAIN}
ProxyPass /
https://${APACHE_SVR_NAME}:${WEBMIN_PORT}
ProxyPassReverse /
https://${APACHE_SVR_NAME}:${WEBMIN_PORT}
</IfDefine>
</VirtualHost>
</IfModule>
> On Aug 30, 2020, at 8:58 AM, Tom Browder <tom.brow...@gmail.com> wrote:
>
> On Sun, Aug 30, 2020 at 06:58 Tom Browder <tom.brow...@gmail.com
> <mailto:tom.brow...@gmail.com>> wrote:
> I have a successful non-apache reverse proxy server working behind a non-tls
> public-facing apache server. What do I have to do to use TLS with Let's
> Encrypt certs managed certificates?
>
> I'll be showing the virtual host macro I'm using to get this to work, but it
> will have to be a bit later today when I can get to my real computer.
>
> -Tom
>
>
