On 8 February 2017 at 17:03, Chad <innocentkiller(a)gmail.com> wrote:
On Wed, Feb 8, 2017 at 8:30 AM David Gerard
<dgerard(a)gmail.com> wrote:
> Remember that the server sees *only* http://
connections, it isn't
> doing SSL at all - SSL is terminated at the external IP.
> (Can Apache even see if the incoming request was originally https:// ?)
Since you're using two layers of Apache and
basically proxying, no, the
second Apache can't know. What you *could* do is set a header at the
termination Apache though that passes the data through. Something with
SetEnv or SetEnvIf (name it something like X_WAS_HTTPS) and then
check for that at your second layer.
The external IP is actually a Netscaler, but yeah, I guess I'll ask
them to inject X-Forwarded-Proto and redirect to https:// if it came
in on port 80 originally. Cheers :-)
- d.