Jenkins behind SSL, my case not going through

[Snd Lt]

I used to use these statemets to put Jenkins behind reverse proxy for TLS in previous previous job. But somehow these are't working anymore.

I'm on

# rpm -q httpd
httpd-2.4.6-31.el7.x86_64
# rpm -q mod_ssl
mod_ssl-2.4.6-31.el7.x86_64

I referred to all the Jenkins proxy guides on here and and Jenkisn website, but no luck. They all seem to have variations of what I already have/know down in conf files.

So basically, I installed Jenkins and can access via http://its-address:8080; Now I'm triyng to put it reverse proxy through http:its-address so that I can reverse proxy it to https://its-address

I used to able to get through without using a2enmod.

These are what I used to add on httpd.conf and ssl.conf.

[httpd.conf]

<VirtualHost *:80>
DocumentRoot /var/www/html
ProxyPass / http://localhost:8080 / nocanon
ProxyPassReverse / http://localhost:8080/
ProxyRequests Off
ProxyPreserveHost On
<Proxy http://localhost:8080/*>
Order deny,allow
Allow from all
</Proxy>
</VirtualHost>

[ssl.conf]

SSLProxyEngine On
ProxyPreserveHost on
ProxyPass / https://localhost:8080
ProxyPassReverse / https://localhost:8080

No matter what I do around syntax, I'm suffering from

httpd[2410]: AH00526: Syntax error on line 100 of /etc/httpd/conf/httpd.conf:
httpd[2410]: ProxyPass|ProxyPassMatch needs a path when not defined in a location
or
httpd[2401]: Invalid ProxyPass|ProxyPassMatch parameter. Parameter must be in t...lue'.

Am I putting the correct statements?

Seems like I'm not even putting it behind 80 to be able to forward to 443. 443 is currently configured with CA signed keys and the test page is secured.

Help appreciated, thanks.

 

[ryanvade]

According to the Apcahe Proxy Pass Docs

If the first argument ends with a trailing /, the second argument should also end with a trailing / and vice versa. Otherwise the resulting requests to the backend may miss some needed slashes and do not deliver the expected results.

so having / then localhost:8080/ may work but then I wonder if / will ever be matched in the first place.

 

[Snd Lt]

So what shall I replace those with? "s?

I'm having trouble understanding the docs for apache and mod-ssl on jenkins website.

Thanks for your time.

 

[Snd Lt]

Trying

at the end

[ssl.conf]

<VirtualHost *:80>
    ServerAdmin  webmaster@localhost
    Redirect permanent / https://server.com/
</VirtualHost>

<VirtualHost *:443>
    SSLEngine on
    SSLCertificateFile /etc/pki/tls/certs/ca.crt
    ServerAdmin  webmaster@localhost
    ProxyRequests     Off
    ProxyPreserveHost On
    AllowEncodedSlashes NoDecode
    <Proxy *>
        Order deny,allow
        Allow from all
    </Proxy>
    ProxyPass          http://localhost:8080/
    ProxyPassReverse    http://localhost:8080/
    ProxyPassReverse    http://server.com/
    RequestHeader set X-Forwarded-Proto "https"
    RequestHeader set X-Forwarded-Port "443"
</VirtualHost>

but I get

httpd[4706]: AH00526: Syntax error on line 241 of  /etc/httpd/conf.d/ssl.conf:

httpd[4706]: /etc/httpd/conf.d/ssl.conf:ProxyPass|ProxyPassMatch needs a path when not defined in a location