Appendix E – configuration example for Apache Proxy
<VirtualHost *:443>
ServerName spark.gateway.com
DocumentRoot C:/Apache24/htdocs/reverseproxy
RequestHeader unset Accept-Encoding
Header Set MCOE-Gateway "spark.gateway.v1"
Header set Content-Security-Policy-Report-Only "default-src https://spark.gateway.com; \
script-src https: 'unsafe-inline'; \
style-src https: 'unsafe-inline'; \
img-src data: https://spark.gateway.com; \
connect-src wss: https://spark.gateway.com; \
report-uri https://myserver.com/csp-report-master/report.php;"
CustomLog "c:/apache24/logs/spark_access.log" common
ErrorLog "c:/apache24/logs/spark_error.log"
SSLEngine on
SSLProxyEngine On
SSLProtocol ALL -SSLv2 -SSLv3
SSLHonorCipherOrder On
SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES: RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
SSLCACertificateFile "c:/sslcerts/startcom.crt"
SSLCertificateFile "c:/sslcerts/spark.gateway.com.crt"
SSLCertificateKeyFile "c:/sslcerts/private.key"
ProxyRequests Off
ProxyPreserveHost Off
ProxyHTMLEnable On
ProxyHTMLExtended On
ProxyHTMLCharsetOut UTF-8
SetOutputFilter INFLATE;proxy-html;DEFLATE
# For SparkView WebSocket
ProxyPass "/LIST" "wss://internal.spark.gateway/LIST"
ProxyPass "/RDP" "wss://internal.spark.gateway/RDP"
ProxyPass "/GATEWAY" "wss://internal.spark.gateway/GATEWAY"
ProxyPass "/CONF" "wss://internal.spark.gateway/CONF"
ProxyPass "/LOGIN" "wss://internal.spark.gateway/LOGIN"
ProxyPassReverse "/LIST" "wss://internal.spark.gateway/LIST"
ProxyPassReverse "/RDP" "wss://internal.spark.gateway/RDP"
ProxyPassReverse "/GATEWAY" "wss://internal.spark.gateway/GATEWAY"
ProxyPassReverse "/CONF" "wss://internal.spark.gateway/CONF"
ProxyPassReverse "/LOGIN" "wss://internal.spark.gateway/LOGIN"
ProxyPass / https://internal.spark.gateway/
ProxyPass / wss://internal.spark.gateway/
ProxyPassReverse / https://internal.spark.gateway/
ProxyPassReverse / wss://internal.spark.gateway/
</VirtualHost>
Must work with mod_proxy and mod_proxy_wstunnel.