Configuring a Reverse Proxy
Configuring a Reverse Proxy for ADITO Web Services
Using an HTTP or HTTPS proxy server is recommended when web services need to access the ADITO server over the Internet. This approach hides the actual address of the ADITO server from clients, enhancing security.
In contrast, when web service calls are made within the company network (e.g., by third-party software such as ERP systems), a proxy is typically unnecessary. In these cases, the ADITO server's IP address or URL can be used directly.
Proxy Server Requirements
To function correctly, the proxy server must support URL rewriting. This feature enables the proxy to:
- Accept incoming requests from clients.
- Rewrite the request URL to the actual ADITO server URL.
- Forward the request to the ADITO server transparently.
For example:
Client request:
https://marketing.kunde.de:443/ws_getInfo
Rewritten by proxy to:
https://212.234.12.65:7938/ws_getInfo
The proxy then rewrites the server's response so that the client perceives the proxy as the web service provider.
Firewall Configuration
Configure your firewall to forward incoming requests on the proxy's external IP and port to the internal ADITO server. For example:
- Open firewall port
7938on IP address212.234.12.65. - Forward these requests to the internal IP address of the ADITO server.
This setup ensures that external requests are properly routed through the proxy to the ADITO server.
SSL Certificates for HTTPS
When using HTTPS, SSL certificates must be installed on both the proxy server and the ADITO server:
- Proxy server: To authenticate itself as the ADITO web server.
- ADITO server: Certificates must be imported into the server’s keystore to decrypt and process encrypted communication.
Ensure that the SSL certificates on the proxy and ADITO server are correctly configured and trusted to avoid communication failures.