Here you have it....
Make sure you have apache 2.2.4 added, and compile in almost every module.... (I dont exactly know which ones, but you can compile in mod_so, and the load in each module, as apache requires it...)
Make sure server.crt is a wildcard certificate which has its CN set to * with a matching server.key private key.
8080 must be replaced with the port HAVP proxy is listening on, and HAVP must have its PARENTPROXY set to 127.0.0.1:8445
Also add the following firewall rules:
iptables -t nat -A PREROUTING -p tcp -i <INTERFACE_ON_INSIDE> --dport 80 -j REDIRECT --to-port 8444
iptables -t nat -A PREROUTING -p tcp -i <INTERFACE_ON_INSIDE> --dport 443 -j REDIRECT --to-port 8443
(Of course you replace <INTERFACE_ON_INSIDE> with the name of the interface on the LAN side)
Then add this in the apache config:
listen 8443
listen 8444
listen 8445
<VirtualHost _default_:8443>
RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS)
RewriteRule .* - [F]
DocumentRoot /home/httpd/html
ServerAdmin root@localhost
ErrorLog /var/log/httpd/error_log
TransferLog /var/log/httpd/access_log
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT56:!eNULL:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW:+$
SSLCertificateFile /etc/apache2/server.crt
SSLCertificateKeyFile /etc/apache2/server.key
SetEnv HOME /home/nobody
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
ProxyRemote *
http://127.0.0.1:8080
ProxyPreserveHost On
SetOutputfilter DEFLATE
DeflateCompressionLevel 9
SetInputFilter INFLATE
RequestHeader unset xsslcatch
RequestHeader set xsslcatch ison
RewriteRule ^(.*)$ proxy:http://%{HTTP_HOST}$1
</VirtualHost>
<VirtualHost _default_:8444>
RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS)
RewriteRule .* - [F]
DocumentRoot /home/httpd/html
ServerAdmin root@localhost
ErrorLog /var/log/httpd/error_log
TransferLog /var/log/httpd/access_log
ProxyRemote *
http://127.0.0.1:8080
ProxyPreserveHost On
SetOutputFilter DEFLATE
DeflateCompressionLevel 9
SetInputFilter INFLATE
RequestHeader unset xsslcatch
RequestHeader set xsslcatch isoff
RewriteRule ^(.*)$ proxy:http://%{HTTP_HOST}$1
</VirtualHost>
<VirtualHost _default_:8445>
ProxyRequests on
SSLProxyEngine on
ProxyVia block
ProxyPreserveHost On
DocumentRoot /home/httpd/html
ServerAdmin root@localhost
ErrorLog /var/log/httpd/error_log
TransferLog /var/log/httpd/access_log
SetOutputFilter INFLATE
<Proxy *>
RequestHeader unset Via
RequestHeader unset X_FORWARDED_FOR
RewriteEngine on
RewriteCond %{HTTP:xsslcatch} ^ison$
RewriteRule ^proxy:http://(.*)$ proxy:https://$1
RewriteCond %{HTTP:xsslcatch} ^isoff$
RewriteRule ^proxy:http://(.*)$ proxy:http://$1
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS)
RewriteRule .* - [F]
</Proxy>
</VirtualHost>