I got it to work but I don’t know why it worked. I changed the BalancerMember to use the http connector instead of the ajp connector. So changed to http://tomcat-hostname:9080
So the question is, why would that matter and why would it work going to webserver directly but not netscaler? We use the ajp connector everywhere else. The only difference is everywhere else is Apache WebServer 2.4.39 and Tomcat 9.0.31 where this is Apache WebServer 2.4.46 and Tomcat 9.0.45 Shawn Beard Sr. Systems Engineer | BTS Middleware Engineering | +1-515-564-2528<tel:+1-515-564-2528> | sbe...@wrberkley.com<mailto:sbe...@wrberkley.com> From: Beard, Shawn <sbe...@wrberkley.com.INVALID> Sent: Tuesday, June 8, 2021 8:21 AM To: users@httpd.apache.org Subject: [users@httpd] 404 error [EXTERNAL] ** CAUTION: External message We have put Apache behind a Netscaler load balancer. We have the VIP set up with ssl and it is terminating SSL at the netscaler. The backend webserver is not SSL. When we go to the https vanity url, we get a 404 error. But when I go to webserver directly on using host:port, it works just fine. Im getting this in the access logs when I use the netscaler URL so I know the netscaler is getting to the webserver: XX.XX.XX.XX- - [08/Jun/2021:08:58:09 -0400] "GET /sample HTTP/1.1" 404 - "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.77 Safari/537.36" 802 250 So http://hostname:8080/sample<https://urldefense.com/v3/__http:/hostname:8080/sample__;!!Li8W9_Um1Taa!vaSru_L24erjqjHPBvhitZg7zhMELI5zL2xAZSsdg80eRX3gpUOUIczYsg0IuGnU$> works But netscaler url https://my.domain.com/sample<https://urldefense.com/v3/__https:/my.domain.com/sample__;!!Li8W9_Um1Taa!vaSru_L24erjqjHPBvhitZg7zhMELI5zL2xAZSsdg80eRX3gpUOUIczYsm4YsElu$> gets 404 with the above error in access logs. I have tried commenting out the rewrite engine stuff with same results. Here is the virtual hosts from the httpd-vhosts.conf file. Some information changed for security reasons. <VirtualHost *:8080> DocumentRoot "/path/to/httpd/htdocs" ServerName hostname:8080 ServerAlias my.domain.com Options None Header add Set-Cookie "ROUTEID=.%{BALANCER_WORKER_ROUTE}e; path=/" env=BALANCER_ROUTE_CHANGED <Proxy "balancer://loadbalancer"> BalancerMember ajp://tomcat-hostname:8009 route=sbx-bts01 connectiontimeout=300 timeout=600 ProxySet stickysession=ROUTEID Order deny,allow Allow from all </Proxy> ProxyRequests Off ProxyPass / balancer://loadbalancer/ ProxyPassReverse / balancer://loadbalancer/ RewriteEngine On RewriteCond %{THE_REQUEST} !HTTP/1\.1$ RewriteRule .* - [F] RewriteOptions Inherit ErrorLog "/path/to/httpd/error_log" CustomLog "/path/to/httpd/access_log" combinedio </VirtualHost> Shawn Beard • Sr. Systems Engineer Middleware Engineering [cid:image085436.PNG@fbcb1466.43bb3916] 3840 109th Street Urbandale, IA 50322 Phone: +1-515-564-2528 Email: sbe...@wrberkley.com<mailto:sbe...@wrberkley.com> Website: berkleytechnologyservices.com<https://www.berkleytechnologyservices.com/> Technology Leadership Unleashing Business Potential Shawn Beard Sr. Systems Engineer | BTS Middleware Engineering | +1-515-564-2528<tel:+1-515-564-2528> | sbe...@wrberkley.com<mailto:sbe...@wrberkley.com> CONFIDENTIALITY NOTICE: This e-mail and the transmitted documents contain private, privileged and confidential information belonging to the sender. The information therein is solely for the use of the addressee. If your receipt of this transmission has occurred as the result of an error, please immediately notify us so we can arrange for the return of the documents. In such circumstances, you are advised that you may not disclose, copy, distribute or take any other action in reliance on the information transmitted. CONFIDENTIALITY NOTICE: This e-mail and the transmitted documents contain private, privileged and confidential information belonging to the sender. The information therein is solely for the use of the addressee. If your receipt of this transmission has occurred as the result of an error, please immediately notify us so we can arrange for the return of the documents. In such circumstances, you are advised that you may not disclose, copy, distribute or take any other action in reliance on the information transmitted.
