apache-proxy.conf

#Apache Proxy SSL Termination Config File
#Place in /etc/httpd/conf.d/<file>.conf
#Optimized for SSL ciphers that are fast and secure
#You can have Jetty/Tomcat or any other application server behind Apache
#Remember to remove /etc/httpd/conf.d/ssl.conf if you install this file
#Also you must have mod_ssl RPM installed for this to work

#Syed Ali syed_a_ali@yahoo.com
#December 2013

LoadModule ssl_module modules/mod_ssl.so
ProxyPass /server-status !
Listen 443
SSLSessionCache         shmcb:/var/cache/mod_ssl/scache(512000)
SSLSessionCacheTimeout  300
SSLMutex default
SSLRandomSeed startup file:/dev/urandom  256
SSLRandomSeed connect builtin
SSLCryptoDevice builtin
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn
SSLProtocol all -SSLv2
SSLHonorCipherOrder On
SSLCipherSuite ALL:!ADH:!EXP:!LOW:!RC2:!3DES:!SEED:!RC4:+HIGH:+MEDIUM

#you can generate a self signed certificate file using this command
#$sudo openssl req -x509 -newkey rsa:2048 -keyout apache.key -out apache.crt -days 999 -nodes
#the ca.crt file is a certificate chain file
SSLCertificateFile /etc/httpd/certs/apache.crt
SSLCertificateKeyFile /etc/httpd/certs/apache.key
#This directive sets the all-in-one file where you can assemble the Certificates of Certification Authorities (CA) whose clients you deal with.
SSLCACertificateFile /etc/httpd/certs/ca.crt

<VirtualHost *:443>
ServerName <fill-in-server-name>
SSLEngine on
AllowEncodedSlashes On
</VirtualHost>

ProxyRequests Off
ProxyPassMatch  (.*) http://localhost:8080 nocanon
ProxyPreserveHost On
ProxyStatus On
SetEnv proxy-nokeepalive 0
RequestHeader set X-Forwarded-Proto "https" env=HTTPS