Hey Everyone!
I've run into a weird problem with SSL; I've (re)configured Apache to redirect all requests to https URLs using:
RewriteEngine On
RewriteRule ^(.*) https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
SWA works great, the SAC login console loads too but won't let me log in (which it will without the SSL configuration). The only error I can make out from caa.log with the SSL rewrite turned on is:
2006-05-26 23:53:09,924 FATAL [RESServiceHandler.GetMailNodesList:828] java.io.IOException: White spaces are required between publicId and systemId.:server.name.com
I saw some variations of SSL and SAC problems in the forums but didn't hit anything that would let me fix this. Any takers?
Weird SSL problem
Moderators: ScalixSupport, admin
-
jryden
- Posts: 73
- Joined: Fri May 26, 2006 8:32 pm
- Location: Los Angeles, USA
Hmm, it gets better. :) If I take out the rewrite rule, restart Apache and access https://... instead of http://... I'm able to log in to SAC. Is there something funny happening with the rewrite rules??
-
florian
- Scalix
- Posts: 3852
- Joined: Fri Dec 24, 2004 8:16 am
- Location: Frankfurt, Germany
- Contact:
Not too weird actually...
SAC is a SOAP application, i.e. the JavaScript code running in your browser accesses the "Ubermanager" management server and this, in turn, accesses the "Remote Execution Service", basically our management agent.
All these accesses go over http - in a single server environment, these would get rewritten as well. The URLs for those services start with /caa and/or /res.
In your Rewrite command, you specify the "R" flag. AFAIK, this means send-back-a-redirect, which doesn't work with the JavaScript and Java-based HTML clients - they will report the redirect back to the app internally, but noone will handle it.
So I believe what you need to do is to exclude these URLs from rewriting...
Thx,
Florian.
SAC is a SOAP application, i.e. the JavaScript code running in your browser accesses the "Ubermanager" management server and this, in turn, accesses the "Remote Execution Service", basically our management agent.
All these accesses go over http - in a single server environment, these would get rewritten as well. The URLs for those services start with /caa and/or /res.
In your Rewrite command, you specify the "R" flag. AFAIK, this means send-back-a-redirect, which doesn't work with the JavaScript and Java-based HTML clients - they will report the redirect back to the app internally, but noone will handle it.
So I believe what you need to do is to exclude these URLs from rewriting...
Thx,
Florian.
Florian von Kurnatowski, Die Harder!
-
ScalixSupport
- Scalix
- Posts: 5503
- Joined: Thu Mar 25, 2004 8:15 pm
Thanks go to one of our SEs in the field, Darrell, for this one...
You can exclude the URLs like this
Cheers
Dave
You can exclude the URLs like this
Code: Select all
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !^/caa/.*
RewriteCond %{REQUEST_FILENAME} !^/res/.*
RewriteRule ^/(.*) https://host.domain.com/$1 [R,L]Cheers
Dave
-
jryden
- Posts: 73
- Joined: Fri May 26, 2006 8:32 pm
- Location: Los Angeles, USA
ScalixSupport wrote:Thanks go to one of our SEs in the field, Darrell, for this one...
You can exclude the URLs like thisCode: Select all
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !^/caa/.*
RewriteCond %{REQUEST_FILENAME} !^/res/.*
RewriteRule ^/(.*) https://host.domain.com/$1 [R,L]
Cheers
Dave
Sweet! That did it! Merci buckets guys.
Who is online
Users browsing this forum: No registered users and 1 guest