Help with ProxyPassReserve

Topics: User Forum
May 14, 2010 at 11:21 AM

Hi all,

I have IIRF installed on box at port 81 and have iirf.ini like this:

ProxyPass          ^/(.*)$$1

ProxyPassReverse    /

The purpose is letting users access application in tomcat at difference network segment (box port 8080). Do a test:



Connecting to connected.

HTTP request sent, awaiting response... 302 302 Moved Temporarily

Location:;jsessionid=949F8C89962F43A32343447DFE0C49FAContent-Type: text/html;charset=UTF-8 [following]


Connecting to connected.

HTTP request sent, awaiting response... 302 Found

Location: [following]


Connecting to connected.

ERROR: certificate common name `test1.local' doesn't match requested host name `'.

To connect to insecurely, use `--no-check-certificate'.

Unable to establish SSL connection.


It seems that IIRF does not transform the Location header. I assume that my ProxyPassReserve string is incorrect. Anyone with this experience, please help!

Thank you very much,


May 14, 2010 at 2:56 PM

I don't know exactly what I'm seeing there.

IIRF does transform the Location header in 30x responses to proxied requests.

IIRF transforms the header according to the ProxyPassReverse rule in your ini file.  Your rule says "transform the location header if it begins with http :// . The actual location header received does not begin with that string, as far as I can tell. Specifically, the port is different. Therefore IIRF does not transform it.

You might need a ProxyPassReverse rule that specifies http :// . I can't be certain, though, that would be enough. It depends on the transaction flow required for the login.

May 15, 2010 at 4:32 AM

Thank you for guidance. Now, I understand how ProxyPassReverse works.


Thank you very much,