Configuring an Apache2 SSL Proxy for Drupal
There are numerous benefits to using a proxy server. These include, but are not limited to, performance benefits from load balancing and security benefits from the additional layer of separation between outside users and the web server(s).
A clear set of instructions for configuring an Apache2 SSL proxy for a Drupal site is hard to find. Here is a solution that has worked for me. I hope it will spare others some frustration.
My initial attempt at my SSL proxy was to encrypt traffic between the client browser and the proxy server only. The back-end connection between the proxy server and the Drupal server was over an SSH tunnel, so I concentrated only on the client-side encryption. The problems that I experienced were:
- Connections would switch from HTTPS to HTTP after every form submission.
- The "Enable Secure Pages" radio buttons in the Secure Pages module were disabled.
A review of the source code for the Secure Pages module showed that it requires that the PHP global variable $_SERVER['HTTPS'] be set. This was not occurring and therefore the Secure Pages module disabled itself. Since the connection from the proxy server to the Drupal server was unencrypted HTTP, the Drupal server's PHP engine was correctly leaving $_SERVER['HTTPS'] not set.
The obvious solution: extend the SSL connection from the client browser all the way to the back-end Drupal server.
Adding the following to the Apache2 virtual host configuration did the trick:
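    # TLS towards the client browser
    SSLEngine On
    # Allow TLS on the proxy-to-backend connection
    SSLProxyEngine On
    SSLCertificateFile /etc/apache2/ssl/super_secret_cert.pem
    # [P] hands every request to mod_proxy
    RewriteEngine On
    RewriteRule ^/(.*)$ balancer://wwwcom_ssl%{REQUEST_URI} [P,QSA,L]
    # Trailing slash on the target matches the trailing slash on the path
    ProxyPass / balancer://wwwcom_ssl/
    ProxyPassReverse / balancer://wwwcom_ssl/
    ProxyPreserveHost on
    <Proxy balancer://wwwcom_ssl>
        BalancerMember https://localhost:12345
    </Proxy>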
Port 12345 is an SSH tunnel to the Drupal server on port 443 (https).
You will need to enable both mod_proxy and mod_ssl.
In my configuration both the proxy server and the Drupal server have a copy of the same certificate. This cert is set with the domain name of the public proxy server.
That's it. After reloading the proxy Apache2 server, everything worked perfectly. Form submissions no longer switched the connection from HTTPS to HTTP, and the "Enable Secure Pages" radio buttons were now available.
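As an added example (not code from the original post), this Python script statically checks a virtual host's directives for the failure described above, where TLS ends at the proxy and the plain-HTTP back-end request leaves $_SERVER['HTTPS'] unset, plus two related configuration slips. The sample configurations, the finding names and the balancer name "wwwcom" are constructed for illustration.

```python
# Constructed sample: TLS to the browser only, plain HTTP to the backend (the
# post's first attempt). The balancer name "wwwcom" is made up.
FIRST_ATTEMPT = """\
SSLEngine On
ProxyPass / balancer://wwwcom/
<Proxy balancer://wwwcom>
    BalancerMember http://localhost:12345
</Proxy>
"""
# Constructed sample: TLS on both hops, following the post's working setup.
END_TO_END = """\
SSLEngine On
SSLProxyEngine On
ProxyPass / balancer://wwwcom_ssl/
<Proxy balancer://wwwcom_ssl>
    BalancerMember https://localhost:12345
</Proxy>
"""

def parse_directives(text):
    """Return [(name_lower, [args])], skipping blanks, comments and <Section> tags."""
    rows = []
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith(("#", "<")):
            name, *args = line.split()
            rows.append((name.lower(), args))
    return rows

def audit_vhost(text):
    """Return a list of finding codes for one virtual host's directives."""
    rows = parse_directives(text)
    def is_on(name):
        return any(n == name and a and a[0].lower() == "on" for n, a in rows)
    members = [a[0].lower() for n, a in rows if n == "balancermember" and a]
    findings = []
    if is_on("sslengine") and any(m.startswith("http://") for m in members):
        # Backend request arrives as plain HTTP, so PHP leaves $_SERVER['HTTPS'] unset.
        findings.append("backend-sees-http")
    if any(m.startswith("https://") for m in members) and not is_on("sslproxyengine"):
        findings.append("https-backend-needs-SSLProxyEngine")
    for n, a in rows:
        if n in ("proxypass", "proxypassreverse") and len(a) >= 2 and a[0].endswith("/") != a[1].endswith("/"):
            findings.append(n + "-trailing-slash-mismatch")
    return findings

if __name__ == "__main__":
    for label, conf in (("first attempt", FIRST_ATTEMPT), ("end to end", END_TO_END)):
        print(label, "->", audit_vhost(conf) or "no findings")
```

The parser is deliberately minimal: it reads one directive per line and does not follow Include files or quoted arguments.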
