OpenVPN port-share with Apache/SSL

Solution 1:

The port-share option sets the port the other application is listening on.

What you want to do is to configure

port-share <your-public-ip> 10443

and set Apache to listen on port 10443:

Listen <your-public-ip>:10443

That's because two applications can't open the same port at once.

Solution 2:

OpenVPN's port-share option allows you to redirect traffic to another HTTPS site, not to a regular web server; the error you're seeing

[error] [client 127.0.0.1] Invalid method in request \x16\x03\x01

occurs when an SSL request is sent to a non-SSL site. I can reproduce the error by using

  port-share localhost 80

(instead of 443). If you set up your HTTPS site correctly then port-sharing will work.

HTH,

JJK
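
The bytes in that log line are the start of a TLS record header (content type 0x16 = handshake, then version 3.1) that Apache tried to read as an HTTP method. The following is an added example, not part of the original answer, that scans an error log for this signature to confirm that a port-share backend is receiving TLS on a plain-HTTP listener; the sample log lines are constructed and the function names are illustrative.

```python
import re

# Constructed sample lines, modelled on the error_log message quoted above.
SAMPLE_LOG = r"""
[Mon Jan 01 10:00:00 2024] [error] [client 127.0.0.1] Invalid method in request \x16\x03\x01
[Mon Jan 01 10:00:05 2024] [error] [client 127.0.0.1] File does not exist: /var/www/favicon.ico
[Mon Jan 01 10:00:09 2024] [error] [client 127.0.0.1] Invalid method in request \x16\x03\x03\x01\x02
[Mon Jan 01 10:00:12 2024] [error] [client 127.0.0.1] Invalid method in request FOO / HTTP/1.1
"""

LINE_RE = re.compile(
    r"\[client (?P<client>[^\]]+)\] Invalid method in request (?P<req>.*)$")
ESC_RE = re.compile(r"\\x([0-9a-fA-F]{2})")

# TLS record layer: byte 0 = content type, bytes 1-2 = record version.
CONTENT_TYPES = {0x14: "change_cipher_spec", 0x15: "alert",
                 0x16: "handshake", 0x17: "application_data"}
VERSIONS = {1: "TLS 1.0", 2: "TLS 1.1", 3: "TLS 1.2", 0: "SSL 3.0"}


def unescape(req):
    """Turn Apache's \\xNN log escapes back into the raw request bytes."""
    return ESC_RE.sub(lambda m: chr(int(m.group(1), 16)), req).encode("latin-1")


def classify(raw):
    """Describe raw if it begins like a TLS record header, else return None."""
    if len(raw) >= 3 and raw[0] in CONTENT_TYPES and raw[1] == 3:
        version = VERSIONS.get(raw[2], "3.%d" % raw[2])
        return "TLS %s record, record version %s" % (CONTENT_TYPES[raw[0]], version)
    return None


def find_tls_on_plain_http(log_text):
    """Return (client, description) for each 'Invalid method' line that is TLS."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if m:
            desc = classify(unescape(m.group("req")))
            if desc:  # other invalid methods (e.g. "FOO") are not TLS
                hits.append((m.group("client"), desc))
    return hits


if __name__ == "__main__":
    for client, desc in find_tls_on_plain_http(SAMPLE_LOG):
        print(client, "->", desc)
```

The record version in a ClientHello is only the record-layer field, not the protocol version the client would finally negotiate.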


Solution 3:

While finding an answer that suits my server I found everyone talking about the portshare function of the OpenVPN config. However, in my case, I need to know the actual client IP address for logging and other functions. I found that using portshare causes the local IP of the server to be logged.

To fix this,

  1. Add the portshare [port] function in OpenVPN
  2. Set the Apache server to listen on [port]
  3. Install the ProxyProtocol extension (following the instructions in the repo readme), available from: https://github.com/roadrunner2/mod-proxy-protocol
  4. Add the line ProxyProtocol On in the Apache config.

It should work and serve the above purpose. Just posted this and hope it can help someone who wants to do something like I did.