Exchange reverse proxy

Aus metasec wiki
Version vom 18. Juli 2010, 10:56 Uhr von Admin (Diskussion | Beiträge) (Die Seite wurde neu angelegt: „<pre> <VirtualHost *:443> ### SSL settings für host SSLEngine On # Das Zertifikat für den Server SSLCertificateFile /etc/apache2/ssl/server.crt # Di…“)

(Unterschied) ← Nächstältere Version | Aktuelle Version (Unterschied) | Nächstjüngere Version → (Unterschied)
Wechseln zu: Navigation, Suche

<VirtualHost *:443>

  ### SSL settings für host
  SSLEngine On
  # Das Zertifikat für den Server
  SSLCertificateFile /etc/apache2/ssl/server.crt
  # Die Schlüsseldatei für den Server
  SSLCertificateKeyFile /etc/apache2/ssl/server.key

  ### SSL reverse proxy settings
  SSLProxyEngine on
  SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
  RewriteEngine On
  RewriteRule   ^/$     /exchange       [L,R]
  ProxyRequests Off
  ProxyPreserveHost On
  ProxyVia Full
  <Proxy *>
    Order deny,allow
    Allow from all
  </Proxy>
        RequestHeader set Front-End-Https On

  SetEnv force-proxy-request-1.0 1
  SetEnv proxy-nokeepalive 1

        # 30min. von microsoft empfohlen für firewalls welche die verb. offen halten. da sonst heartbeat nicht passt
        # dieses ist dynamisch bis zu 45 min.
        ProxyTimeout 3000
#
# Timeout: The number of seconds before receives and sends time out.
#
Timeout 3000

#
# KeepAlive: Whether or not to allow persistent connections (more than
# one request per connection). Set to "Off" to deactivate.
#
KeepAlive On

#
# MaxKeepAliveRequests: The maximum number of requests to allow
# during a persistent connection. Set to 0 to allow an unlimited amount.
# We recommend you leave this number high, for maximum performance.
#
MaxKeepAliveRequests 0

        # OWA
  ProxyPass        /exchange https://<exchangesrv>/exchange
  ProxyPassReverse /exchange https://<exchangesrv>/exchange
        ProxyPass                        /owa https://<exchangesrv>/owa
        ProxyPassReverse /owa https://<exchangesrv>/owa
  ProxyPass        /exchweb https://<exchangesrv>/exchweb
  ProxyPassReverse /exchweb https://<exchangesrv>/exchweb
  ProxyPass        /public https://<exchangesrv>/public
  ProxyPassReverse /public https://<exchangesrv>/public
        # passwort ueber owa aenderbar
  ProxyPass        /iisadmpwd https://<exchangesrv>/iisadmpwd
  ProxyPassReverse /iisadmpwd https://<exchangesrv>/iisadmpwd

        # RPC over HTTP/S
        ProxyPass                        /rpc https://<exchangesrv>/rpc
        ProxyPassReverse /rpc https://<exchangesrv>/rpc

        # ActiveSync
        ProxyPass                        /certsrv https://<exchangesrv>/certsrv
        ProxyPassReverse /certsrv https://<exchangesrv>/certsrv
  ProxyPass        /Microsoft-Server-ActiveSync http://<exchangesrv>//Microsoft-Server-ActiveSync
  ProxyPassReverse /Microsoft-Server-ActiveSync http://<exchangesrv>/Microsoft-Server-ActiveSync

        # WAP
  ProxyPass        /oma https://<exchangesrv>/oma
  ProxyPassReverse /oma https://<exchangesrv>/oma

        # Zeichensatz spezifieren fuer Umlaute
        AddDefaultCharset ISO-8859-1

   ### host settings
  ServerName <domain>
  ServerAlias <domain> www.<domain>
  DocumentRoot /home/webseiten/<domain>
  Serveradmin <domain>@<domain>

  AccessFileName .htaccess

  CustomLog /var/log/apache2/access_log_ssl_de.log common

</VirtualHost>