We have put Apache behind a Netscaler load balancer. We have the VIP set up with ssl and it is terminating SSL at the netscaler. The backend webserver is not SSL. When we go to the https vanity url, we get a 404 error. But when I go to webserver directly on using host:port, it works just fine. Im getting this in the access logs when I use the netscaler URL so I know the netscaler is getting to the webserver:
XX.XX.XX.XX- - [08/Jun/2021:08:58:09 -0400] "GET /sample HTTP/1.1" 404 - "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.77 Safari/537.36" 802 250
So http://hostname:8080/sample works
But netscaler url https://my.domain.com/sample gets 404 with the above error in access logs. I have tried commenting out the rewrite engine stuff with same results.
Here is the virtual hosts from the httpd-vhosts.conf file. Some information changed for security reasons.
<VirtualHost *:8080>
DocumentRoot "/path/to/httpd/htdocs"
ServerName hostname:8080
ServerAlias my.domain.com
Options None
Header add Set-Cookie "ROUTEID=.%{BALANCER_WORKER_ROUTE}e; path=/" env=BALANCER_ROUTE_CHANGED
<Proxy "balancer://loadbalancer">
BalancerMember ajp://tomcat-hostname:8009 route=sbx-bts01 connectiontimeout=300 timeout=600
ProxySet stickysession=ROUTEID
Order deny,allow
Allow from all
</Proxy>
ProxyRequests Off
ProxyPass / balancer://loadbalancer/
ProxyPassReverse / balancer://loadbalancer/
RewriteEngine On
RewriteCond %{THE_REQUEST} !HTTP/1\.1$
RewriteRule .* - [F]
RewriteOptions Inherit
ErrorLog "/path/to/httpd/error_log"
CustomLog "/path/to/httpd/access_log" combinedio
</VirtualHost>
Shawn Beard • Sr. Systems Engineer
Middleware Engineering
[cid:image085436.PNG@fbcb1466.43bb3916]
3840 109th Street Urbandale, IA 50322
Phone: +1-515-564-2528
Email: SBeard@wrberkley.com<mailto:SBeard@wrberkley.com>
Website: berkleytechnologyservices.com<https://www.berkleytechnologyservices.com/>
Technology Leadership Unleashing Business Potential
Shawn? Beard
Sr. Systems Engineer |
BTS
Middleware Engineering | +1-515-564-2528<tel:+1-515-564-2528> | SBeard@wrberkley.com<mailto:SBeard@wrberkley.com>
CONFIDENTIALITY NOTICE: This e-mail and the transmitted documents contain private, privileged and confidential information belonging to the sender. The information therein is solely for the use of the addressee. If your receipt of this transmission has occurred as the result of an error, please immediately notify us so we can arrange for the return of the documents. In such circumstances, you are advised that you may not disclose, copy, distribute or take any other action in reliance on the information transmitted.
XX.XX.XX.XX- - [08/Jun/2021:08:58:09 -0400] "GET /sample HTTP/1.1" 404 - "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.77 Safari/537.36" 802 250
So http://hostname:8080/sample works
But netscaler url https://my.domain.com/sample gets 404 with the above error in access logs. I have tried commenting out the rewrite engine stuff with same results.
Here is the virtual hosts from the httpd-vhosts.conf file. Some information changed for security reasons.
<VirtualHost *:8080>
DocumentRoot "/path/to/httpd/htdocs"
ServerName hostname:8080
ServerAlias my.domain.com
Options None
Header add Set-Cookie "ROUTEID=.%{BALANCER_WORKER_ROUTE}e; path=/" env=BALANCER_ROUTE_CHANGED
<Proxy "balancer://loadbalancer">
BalancerMember ajp://tomcat-hostname:8009 route=sbx-bts01 connectiontimeout=300 timeout=600
ProxySet stickysession=ROUTEID
Order deny,allow
Allow from all
</Proxy>
ProxyRequests Off
ProxyPass / balancer://loadbalancer/
ProxyPassReverse / balancer://loadbalancer/
RewriteEngine On
RewriteCond %{THE_REQUEST} !HTTP/1\.1$
RewriteRule .* - [F]
RewriteOptions Inherit
ErrorLog "/path/to/httpd/error_log"
CustomLog "/path/to/httpd/access_log" combinedio
</VirtualHost>
Shawn Beard • Sr. Systems Engineer
Middleware Engineering
[cid:image085436.PNG@fbcb1466.43bb3916]
3840 109th Street Urbandale, IA 50322
Phone: +1-515-564-2528
Email: SBeard@wrberkley.com<mailto:SBeard@wrberkley.com>
Website: berkleytechnologyservices.com<https://www.berkleytechnologyservices.com/>
Technology Leadership Unleashing Business Potential
Shawn? Beard
Sr. Systems Engineer |
BTS
Middleware Engineering | +1-515-564-2528<tel:+1-515-564-2528> | SBeard@wrberkley.com<mailto:SBeard@wrberkley.com>
CONFIDENTIALITY NOTICE: This e-mail and the transmitted documents contain private, privileged and confidential information belonging to the sender. The information therein is solely for the use of the addressee. If your receipt of this transmission has occurred as the result of an error, please immediately notify us so we can arrange for the return of the documents. In such circumstances, you are advised that you may not disclose, copy, distribute or take any other action in reliance on the information transmitted.
Attached Files:
-
image002.png (13.2 KB)