SSL for Reverse Proxy, webdispatcher and EP?

We have a setup like:
Reverse Proxy->webdispatcher->EP
Do we need SSL for Reverse Proxy, webdispatcher and EP?
If so, how to do it?
Thanks!

You don't need SSL because of the middleware architecture. It is recommended for the obvious security reasons (protect user credentials, protect sensitive content while in transmission, etc.).
For performance reasons, I prefer not to have SSL encryption on the EP server, but instead offload it to other hardware. Ideally that's a network appliance, but you can use the Web Dispatcher instead.
On the other hand, you have a reverse proxy as well. In some cases the reverse proxy is configured to decrypt SSL traffic as well (e.g., to do packet inspection). If that is the case, there isn't much point in re-encrypting it before relaying to the Web Dispatcher, so that it can only decrypt it again. But if your reverse proxy is doing a "pass-through", the Web Dispatcher should decrypt it (in my opinion) to offload the EP server.

Similar Messages

  • Firefox any version Mac, has a bug where it does not see or ask for the proxy username and password. This happens if you use a virtual tagged interface.

    Firefox any version Mac, has a bug where it does not see or ask for the proxy username and password. This happens if you use a virtual tagged interface. A recent network University policy change. The only way to fix this, is if you use a manual proxy configuration in Firefox. So all 100 + uni iMacs can only use Safari as I would need to do a profile push to all 300 students and I am unsure what file carries the proxy information.


  • How to Install Apache 2.x with ssl on solaris 8/9 for reverse proxy

    Hi,
    I need to install Apache 2.x on solaris , along with mod_ssl and openssl . I am not sure where to find the required version for solaris and also where to find openssl and mod_ssl for installation for 2.x.
    I need this for configuring reverse proxy pointing to the Portal.

    Harish,
    I think, I don't get your problem...
    the files are available at http://www.apache.org (binaries and source)
    http://www.artfiles.org/apache.org/httpd/binaries/solaris/
    openssl at http://www.openssl.org
    mod_ssl at http://www.modssl.org
    kr, achim

  • Need in depth knowledge about Certificate request and install for Reverse proxy and CAS role

    Hi,
    I have few confusions about Exchange 2010/13 certificate request and install. As per my understanding best practise is to assign public CA certificate to Reverse proxy and Local CA certificate to CAS servers but need to know that what should be the format
    of certificate request? Do we need to order public certificate just for mail.domain.com and add SAN for other web services URLs and is it required to add CAS array and server names to this certificate ? In what case we will add server names and what will happen
    if we don't add in it ? How the outlook clients connecting from internet will be using this certificate? I have very limited knowledge in certificates and it always pisses me off. Please help me with explanations and articles. I tried to google and gone through
    many articles but didn't get a fair idea. Thanks in advance. :)

    Hi,
    Here are my answers you can refer to:
    1. Use the New-ExchangeCertificate cmdlet to generate a new certificate request:
    New-ExchangeCertificate -domainname mail.domain.com, autodiscover.domain.com -generaterequest:$true -keysize 1024 -path "c:\Certificates\xxxx.req" -privatekeyexportable:$true -subjectname "c=US, o=domain.com, CN=server.domain.com"
    2. CAS array name doesn’t need to be added in the certificate:
    http://blogs.technet.com/b/exchange/archive/2012/03/23/demystifying-the-cas-array-object-part-1.aspx
    3. It depends on the situation that you configured to add the server name.
    4. Outlook clients use certificate for authentication.
    If you have any question, please feel free to let me know.
    Thanks,
    Angela Shi
    TechNet Community Support

  • Secured connections for reverse proxy 4.0 possible?

    Hi,
    Is there any way to have a secure https to https connection while using Sun proxy server 4.0 as a reverse?
    I did the whole connect:// item with the 'connect://.*' defined in the routing table and just keep getting:
    "trying to GET /testdev/, deny-service reports: denying service of connect://testserver.***.com:481/testdev/"
    I tried defining it to https and get the "unable to find certificate".
    I am not showing the internal destination server ever receives any traffic from the reverse proxy, and the proxy logs seems to show it is blocking it all.
    So far coming in to the proxy server on an ssl https url and attempting to map it to another internal https server always fails.
    Mapping the same incoming https traffic to the same internal http server works fine (that is HTTP).
    So a client can hit our reverse proxy at HTTPS://reverseproxy.../testdev and get sent to an internal HTTP URL just fine.
    Doing the same thing to an internal HTTPS URL fails...
    Thanks much.

    The CONNECT is a method meant only for Proxies
    http://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html#sec9.9
    You might try searching for setting up secure reverse proxy in the docs.
    the method is to map using https->http & http->https in both sides.

  • SMP 3.0 (using Agentry): Requirements for Reverse Proxy

    All.
    We are in the process of designing our landscape for SMP 3.0, where we will expose Agentry functionality, and are currently looking at the Reverse Proxy technology to use.
    From the document
    Common Requirements for Reverse Proxies - Landscape Planning and Design - SAP Library
    it is stated that any reverse proxy used:
    Does not remove any HTTP headers.
    Sets a timeout period, if used, that is greater than the timeout used by the clients.
    Are these all the requirements that must be fulfilled for a reverse proxy?
    We are looking into installing a common Reverse Proxy technology, that can handle reverse proxy requirements for multiple platforms.
    Hence I need to specify the requirements, in relation to SMP, for this technology.
    I hope someone can help.
    Thanks.
    Søren Hansen.

    Thanks Bill and Steve.
    I got it now - for Agentry support we need WebSockets.
    What about everything else on SMP 3.0 ?
    From this document:
    http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/200d7500-2605-3210-9d91-a24cfb6523ba?QuickLink=index&…
    it is stated on page 4 that different technologies need different platforms.
    Application          Reverse Proxy
    Native                 Apache
    Hybrid                 Apache
    Agentry               Nginx
    MBO                   RelayServer
    Is there no one Reverse Proxy platform that can act for all application types in front of SMP 3.0 ?
    And what should the entire list of demands be ?
    Søren Hansen

  • Solution: iPad/iPhone Login issues with IIS as Reverse Proxy (Android and Windows Phone works)

    Hi,
    I had issues with iPad/iPhone access from external and tried a lot. Now I found my solution I like to share.
    I set up an IIS on Windows Server 2012 with ARR 2.5 and Android and Windows Phone could login but not iPad and iPhone.
    The IIS Log on the reverse proxy showed:
    2013-02-26 12:03:31 <IP> POST /webticket/webticketservice.svc X-ARR-CACHE-HIT=0&X-ARR-LOG-ID=1996c8d7-09d0-4310-8da4-a8dfb7940e28 443 - <ClientIP> Lync%202010/1.6+CFNetwork/609+Darwin/13.0.0 - 401 0 0 124
    2013-02-26 12:03:31 <IP> POST /webticket/webticketservice.svc X-ARR-CACHE-HIT=0 443 - <ClientIP> Lync%202010/1.6+CFNetwork/609+Darwin/13.0.0 - 502 3 12018 93
    First Request gets a 401 while anonymous. Second try would be with authentication but it never reached the internal front end server.
    After I installed a fix for ARR
    http://forums.iis.net/t/1195560.aspx/1?ARR+502+3+Bad+Gateway+0x80072ef2+2147954418+The+supplied+handle+is+the+wrong+type+for+the+requested+operation the Apple Devices could login.

    Hi,
    This resolved our problem too!! So happy after 2 weeks of messing around with just about every setting recommended from all types of forums and rebuilding our reverse proxy I was at a loose end. 
    Our environment is Lync 2013 Enterprise, Lync 2013 Edge, IIS as Reverse Proxy on Server 2012 using ARR 2.5
    We had Android and Windows clients working but no iOS devices at all. In the iOS log we were seeing 
    <h1>Server Error</h1></div><div id="content"> <div class="content-container"><fieldset> <h2>502 - Web server received an invalid response while acting as a gateway or proxy server.</h2> <h3>There is a problem with the page you are looking for, and it cannot be displayed. When the Web server (while acting as a gateway or proxy) contacted the upstream content server, it received an invalid response from the content server.</h3> </fieldset></div></div></body></html>
    When the client was trying to retrieve from the webticketservice.svc
    2013-04-11 17:19:44.659 Lync[4970:6c61000] INFO TRANSPORT TransportUtilityFunctions.cpp/907:<ReceivedResponse>
    POST https://lyncwebext.contoso.com/webticket/webticketservice.svc
    Request Id: 0x72cfc18
    HttpHeader:Content-Length 1477
    HttpHeader:Content-Type text/html
    HttpHeader:Date Thu, 11 Apr 2013 16:22:25 GMT
    HttpHeader:Server Microsoft-IIS/8.0
    HttpHeader:StatusCode 502
    Installed the HotFix from here:-
    Hotfix for Microsoft Application Request Routing Version 2.5 for IIS7 (KB 2732764) (x64)
    Rebooted the Reverse Proxy and iOS clients worked straight away for both Lync 2010 and Lync 2013 on both iPhone 5 and iPad.
    I hope this helps others as I was losing the plot :-)
    Cheers
    Sam
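
The 401-then-502.3 sequence shown in the ARR log above can be picked out of a W3C-format IIS log with a short filter. This is an added example, not from either poster; the function names, the `#Fields:` header and the addresses in the sample are constructed, and it assumes the log carries a `#Fields:` line naming its columns.

```shell
# Added example. Counts, per client and URI, how often an anonymous 401
# challenge was followed by a 502 sub-status 3 instead of a completed retry.
arr_gateway_failures() {
    awk '
    /^#Fields:/ {                       # map field name -> column number
        for (i = 2; i <= NF; i++) col[$i] = i - 1
        next
    }
    /^#/ || !("sc-status" in col) { next }
    {
        key = $(col["c-ip"]) " " $(col["cs-uri-stem"])
        st  = $(col["sc-status"])
        ss  = $(col["sc-substatus"])
        if (st == 401) {
            challenged[key] = 1         # server asked for authentication
        } else if (st == 502 && ss == 3 && (key in challenged)) {
            fails[key]++                # retry died at the proxy
            delete challenged[key]
        } else {
            delete challenged[key]      # retry completed some other way
        }
    }
    END { for (k in fails) print k, fails[k] }
    ' "$@" | sort
}

# Constructed sample: two failing iOS attempts, one client that gets through.
sample_arr_log() {
    cat <<'EOF'
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken
2013-02-26 12:03:31 192.0.2.10 POST /webticket/webticketservice.svc - 443 - 198.51.100.7 Lync%202010/1.6+CFNetwork/609+Darwin/13.0.0 - 401 0 0 124
2013-02-26 12:03:31 192.0.2.10 POST /webticket/webticketservice.svc - 443 - 198.51.100.7 Lync%202010/1.6+CFNetwork/609+Darwin/13.0.0 - 502 3 12018 93
2013-02-26 12:03:40 192.0.2.10 POST /webticket/webticketservice.svc - 443 - 198.51.100.7 Lync%202010/1.6+CFNetwork/609+Darwin/13.0.0 - 401 0 0 110
2013-02-26 12:03:40 192.0.2.10 POST /webticket/webticketservice.svc - 443 - 198.51.100.7 Lync%202010/1.6+CFNetwork/609+Darwin/13.0.0 - 502 3 12018 95
2013-02-26 12:04:02 192.0.2.10 POST /webticket/webticketservice.svc - 443 - 198.51.100.9 ConstructedClient/1.0 - 401 0 0 120
2013-02-26 12:04:02 192.0.2.10 POST /webticket/webticketservice.svc - 443 - 198.51.100.9 ConstructedClient/1.0 - 200 0 0 210
EOF
}

# Run against the sample when executed directly with no arguments.
if [ "$#" -eq 0 ]; then sample_arr_log | arr_gateway_failures; fi
```

Pass one or more log files as arguments to scan real logs; output is one line per client and URI with the number of failed retries.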

  • Reverse Proxy Server and gzip compressed pages

    Hi ALL!
    Does Proxy Server in reverse proxy configuration work with gzip compressed pages? How will it serve different browser versions which support compression differently?
    Thanks. Happy New Year!

    Hi,
    Domain relaxing will not work in this setting, ref. RFC 2109 http://www.ietf.org/rfc/rfc2109.txt
    What you need to do is to create a DNS alias for the portal on domain [something].[company].com. Then create a portal component which returns the MYSAPSSO2 cookie and create an URL iView for it with the DNS alias hostname and add it to the default framework page. In this way, persons logging in will get the MYSAPSSO2 cookie for both domains [sap subdomain].[network domain].local and [network domain].[company].com
    Regards
    Dagfinn

  • Changing URL path or prefix for Java Systems for Reverse Proxying

    I am running an Apache Reverse Proxy for multiple systems including Enterprise Portal and GRC.  Unfortunately, the two systems share the same directory structure (e.g. /webdynpro, /images, /logon, /useradmin, /VC).  The reverse proxy won't be able to differentiate URLs for the two systems.
    I want to add a prefix (e.g. /grc/webdynpro) or change the URL directories (e.g. /grcwebdynpro) for Portal or GRC.  How can I do this?

    Thank you for the reply, but could you explain?  It seems like this wiki is suggesting how to change the default port and start URL and how to configure reverse proxies in general.  It doesn't seem to answer the specific question that I have.
    I need to add or modify the URL so that it is unique to the reverse proxy.  For example, EP and GRC both use /webdynpro.  I would like one of them to use a completely different structure (e.g. /grc/webdynpro) so that the reverse proxy can differentiate requests to different hosts.
    The reason why changing the Start URL doesn't seem like the answer is because the fundamental directory structure is still the same.  The reverse proxy won't be able to differentiate the different requests because of this.
    I am looking for some kind of configuration that lets me add a prefix to the entire web application server.  Is anyone aware of this configuration or know of an alternative solution?

  • Starting SSL-enabled Reverse Proxy Instance without password

    I was able to do this on iPlanet 365 by storing the SSL password in a file and then using it as an input in the iPlanet 3.6 SP5 start script.
    However on iPlanet 4.0.3, there's a significant change in the start script. Does anybody know how to do this on iPlanet 4.0.3?

    Configuration guide says:
    By default, the Sun Java System Web Proxy Server prompts the administrator for the SSL key database password before starting up. If you want the Web server to be able to restart unattended, you need to save the password in a password.conf file. Be sure that your system is adequately protected so that this file and the key databases are not compromised.
    Location
    <Instance_Directory>/config
    This file is not present by default. You must create it if you need it.
    Syntax
    PKCS#11_module_name:password
    If you are using the internal PKCS#11 software encryption module that comes with the server, type the following:
    internal:password
    If you are using a different PKCS#11 module, for example for hardware encryption or hardware accelerators, you will need to specify the name of the PKCS#11 module, followed by the password.
    --------------------------------------
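
A check for the protection the configuration guide asks for, as an added example (not from the guide or either poster): it verifies that a password.conf is a regular file with owner-only permissions and that each line follows the `module:password` syntax, without ever printing the password. The function name and the 600/400 mode policy are assumptions.

```shell
# Added example. audit_password_conf FILE
# Prints findings and returns 0 when the file passes, 1 otherwise.
# Assumed policy: owner read/write only (600) or owner read only (400).
audit_password_conf() {
    f=$1
    rc=0
    if [ -L "$f" ]; then
        echo "FAIL: $f is a symlink"
        return 1
    fi
    if [ ! -f "$f" ]; then
        echo "FAIL: $f is missing or not a regular file"
        return 1
    fi
    # Any group/other bit exposes the SSL key database password.
    # GNU stat first, BSD stat as fallback.
    mode=$(stat -c '%a' "$f" 2>/dev/null || stat -f '%Lp' "$f")
    case "$mode" in
        400|600) ;;
        *) echo "FAIL: mode $mode, expected 600 or 400"; rc=1 ;;
    esac
    # Each non-empty line must be PKCS#11_module_name:password.
    # Only the line number is reported, never the line content.
    n=0
    while IFS= read -r line || [ -n "$line" ]; do
        n=$((n + 1))
        [ -z "$line" ] && continue
        case "$line" in
            :*|*:) echo "FAIL: line $n has an empty module name or password"; rc=1 ;;
            *:*)   ;;
            *)     echo "FAIL: line $n is not in module:password form"; rc=1 ;;
        esac
    done < "$f"
    [ "$rc" -eq 0 ] && echo "OK: $f"
    return "$rc"
}

# Audit the file named on the command line when run directly.
if [ "$#" -gt 0 ]; then audit_password_conf "$1"; fi
```

Run it against `<Instance_Directory>/config/password.conf` after creating the file and again after any change to the start-up configuration.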

  • Apache installation for reverse proxy in linux for portal

    dear all,
    can you please guide me where to download the openssl apache for linux for the reverse proxy
    regards
    revanth

    Google is your friend...
    It will take 15 seconds !
    Regards,
    Olivier

  • Difference between reverse proxy plugin and java web proxy server

    Hello
    Can anyone please let me know what exactly is the difference between the reverse proxy plugin available with java system web server and the
    java web proxy server.
    Thanks
    Manik Gupta.

    The features are very closely related. The most notable and obvious difference is that The Web Proxy Server reverse proxy makes use of a content cache, while the reverse proxy of the Web Server does not cache results.
    Message was edited by:
    JoeMcCabe

  • Adding Expired heading with static value for reverse proxy

    I'd like to add an Expired heading to a response leaving a reverse proxy to make sure that the browser will not cache the file locally (or at least attempt to prevent it).
    Is this possible with SWP? I cannot find out how to do this in the admin interface at least. I'm running 4.0.5 B04
    thanx,


  • Help required for Sender Proxy/RFC and Receiver RFC approach. Urgent please

    Hi All,
    I have one sender R/3 system
    I have two receivers R/3 systems
    Business Partners data from sender R/3 system needs to be replicated to 2 receivers R/3 systems
    From sender R/3 system one Sync Abap Client Proxy or
    Sync RFC will send Business Partners data to XI.
    For both receivers R/3 systems there is only one RFC. Currently there is no flag condition for 2 receivers as this is
    Business Partner replication scenario.
    Also In XI there is restriction that multiple sync receivers cannot be there.
    Please let me know how to make this approach.
    Regards

    Rich,
    Create two O/B Interfaces - Synch. Create Proxy1 for O/B Interface1 , Proxy2 for O/B interface 2.
    So while defining Receiver determination, you will define as following,
    Receiver Determination----1
    Sender : Sender_BusinessSystem
    Sender Interface : O/B Interface 1 ( i.e Proxy1)
    Receiver : BusinessSystem_ C
    Interface Determination
    Sender : Sender_BusinessSystem
    Sender Interface : O/B Interface 1 ( i.e Proxy1)
    Inbound Interface: RFC_Rec
    Receiver Determination----2
    Sender : Sender_BusinessSystem
    Sender Interface : O/B Interface 2 ( i.e Proxy2)
    Receiver : BusinessSystem_D
    Interface Determination
    Sender : Sender_BusinessSystem
    Sender Interface : O/B Interface 2 ( i.e Proxy2)
    Inbound Interface: RFC_Rec
    Hope it helps!
    raj.

  • UrlRewrite for reverse proxy on IIS

    Hi,
    I have a situation where I need to host node server behind IIS on the same machine. I wanted to create an application under the Default Web Site in IIS running on ports 80. I want the application to reroute the urls to the node server listening on port say
    3000. I tried using the Urlrewrite to create a reverseproxy rule to send all the requests to the node server. I am facing problems trying to load the static files. I tried different Urlrewrite pattern matches but could not get this to work. Can someone suggest
    me what would be the best way to configure the urlrewrites so that have the routes sent to the node server while the static files loaded from where my IIS application is pointed to?
    Example: http://mysite.com/webapp -> load static files
    http://mysite.com/webapp -> reroute the routes to http://mysite.com:3000

    Hello Victor1124,
    This forum is for Microsoft Small Basic program language.  It would be better to ask your question in http://forums.iis.net/ .
    Thanks.
    Nonki Takahashi
