2.1.3 Example configuration for working with a reverse proxy with SSL traffic forwarding
This subsection describes a configuration example where a DMZ is secured between a web browser on a client machine and the JP1/DH - Server machine, and a reverse proxy server# that can forward SSL traffic resides on the DMZ. If you want to operate your JP1/DH - Server on a network connected to the Internet, use this example configuration as a reference to examine and determine your network configuration.
- #
-
The JP1/DH Web server (built-in reverse proxy server) does not run separately on a machine other than the JP1/DH - Server machine. Therefore, a different reverse proxy server from the JP1/DH Web server is used in this example configuration.
Figure 2‒3: Example configuration for working with a reverse proxy with SSL traffic forwarding
- Organization of this subsection
(1) Features
-
This configuration can limit access to JP1/DH - Server only from the reverse proxy server placed on the DMZ and prevent JP1/DH - Server from being accessed directly by client machines.
-
A web browser on the client machine and the reverse proxy server, as well as the reverse proxy server and JP1/DH - Server, communicate with each other over HTTPS.
(2) Software requirements for each machine
Each machine requires the following software:
-
Client machine
A client machine requires a web browser and a JP1/DH client program.
-
Reverse proxy server machine
A reverse proxy server in this configuration requires a function that forwards HTTPS traffic from web browsers on client machine to a JP1/DH - Server.
-
JP1/DH - Server machine
The machine for installation of JP1/DH - Server. The following pieces of software are required:
-
JP1/DH Web application server
-
JP1/DH Web server
-