Best way to run site through https on server which can't add additional certs

Posted by penguin on Server Fault See other posts from Server Fault or by penguin
Published on 2012-09-23T23:23:36Z Indexed on 2012/09/29 9:39 UTC
Read the original article Hit count: 240

Filed under:

https

So I'm in a curious situation in that I am using a particular server to host things, which I can't host anywhere else (it has access to user databases etc which can't otherwise be accessed). I've been in quite a bit of discussion with the sysadmin at it looks like the only way to run our site: www.foo.com over https may be through some sort of proxy.

Currently, users go to www.foo.com and are redirected to https:// host-server.com/foo, as there is an SSL cert installed on that. I want users to be on https:// www.foo.com.

I'm told that for various reasons it's going to be very difficult to add an additional SSL cert to the host server.

So I was wondering if it is possible to have the DNS records point to a new server, which then creates the HTTPS connection with the browser. Then it forwards requests to https:// host-server.com/foo and feeds the replies back to the original requester.

Does this make sense? And would it be at all feasible? My experience with SSL is limited at best, so thanks in advance for your help :)

ps gaps in hyperlinks as ServerFault was getting unhappy with the number of links I was posting!

Related posts about https

Need Java https proxy which can be enhanced to emulate production https proxy behaviour

as seen on Stack Overflow - Search for 'Stack Overflow'
I have a production environment which require access through a proxy server. Occasionally said server returns blank responses badly confusing the Metro web service library causing all kinds of interesting RuntimeExceptions. I believe the proxy is Squid. In order to handle these better, I would… >>> More
How To Find Out If You are Using HTTPS Without $_SERVER['HTTPS']

as seen on Stack Overflow - Search for 'Stack Overflow'
I've seen many tutorials online that says you need to check $_SERVER['HTTPS'] if the server is connection is secured with HTTPS. My problem is that on some of the servers I use, $_SERVER['HTTPS'] is an undefined variable that results in an error. Is there another variable I can check that should always… >>> More
Redirect request from https domain to https subdomain with only one certificate

as seen on Server Fault - Search for 'Server Fault'
I'm trying to redirect users to a subdomain in server2 if they make an https request to server1. I only have one certificate, and that's installed on server2. So for instance, from (server1) https://www.example.com to (server2) https://ssl.example.com My best guess is that I will need a certificate… >>> More
Apache: https to https redirect

as seen on Super User - Search for 'Super User'
I'm trying to get Apache to redirect all http and https traffic to a single endpoint www.example.org. The http part is easy: <VirtualHost *:80> ServerName example.org Redirect permanent / https://www.example.org/ </VirtualHost> # long list of other domains, all redirecting to… >>> More
SSL / HTTP / No Response to Curl

as seen on Server Fault - Search for 'Server Fault'
I am trying to send commands to a SOAP service, and getting nothing in reply. The SOAP service is at a completely separate site from either server I am testing with. I have written a dummy script with the SOAP XML embedded. When I run it at my local site, on any of three machines -- OSX, Ubuntu,… >>> More

Developer IT