To secure the web services and maintain high availability, it is good to have a proxy in front of the other web application servers which sit inside the intranet. You can imagine there is only one IP address available and one physical machine. How can I setup multiple servers at a time? Using VMware makes my dream come true;)
Inspired by an article about setting gateway server for Internet users accessing intranet resources like Outlook Web Access service, I get this good thing work on my machine.
With one front-end gateway with ability to be accessed by Internet users, we can implement reverse proxy which redirects particular web requests to internal servers. The gateway server should have Apache server equipped and ready to run. What you need to do on the machine would be adding a few lines to the configuration file like, httpd-ssl.conf. This file contains settings for general Apache HTTPS request handling. I assume you have your SSL certificate sitting well in the gateway machine. For the rest, just a few lines in the configuration file like httpd-ssl.conf:
Within the block of VirtualHost
(possibly something like VirtualHost _default_:443):
SSL certificate will sit inside the gateway server and serve HTTPS requests for other intranet servers. In this case, we only need one SSL certificate for all internal servers.
No comments:
Post a Comment