I have an existing server configuration with Apache as the front end and it passes certain URL requests to Tomcat. The Tomcat server does not have to worry about security. I have done a lot of work to secure the Apache instance and enable HTTPS and so far after a few years, it has not been compromised (that I know of, LOL). I would like to just pass openHAB communication from my secured Apache instance to the openHAB service via an Apache HTTPS connection similar to Tomcat. Is this possible? Or would I need to rework and compile my own version of openHAB with this functionality?
Thanks and Best Regards,
Ralph
Neither Tomcat nor openHAB would be aware that Apache is inbetween. This configuration is called a reverse proxy. There used to be instructions in the official docs to set that up but it appears only nginx remains in the docs. Running openHAB Behind a Reverse Proxy | openHAB. If you know Apache, you should be able to interpret the purpose of those settings for nginx and translate them for Apache.
Note, you won’t be able to put OH in a subfolder (e.g. https://my-special-domain.org/openhab). It’s not equipped to handle that unless you write a tom of rewrite rules into Apache.
Further to what Rich said (which is all ), I think that there is another thing to keep in mind.
It sounds like security is quite important for you, so I am assuming that you are exposing your installation to a hostile environment. You may want to consider if you could instead not do that and have secure access to your openHAB instance using VPN. It’s much harder to compromise something that isn’t acessible…