Hi, I'm running into a issue with RGW running Civetweb behind a Apache mod_proxy server.
The problem is that when AWS credentials and signatures are send using the Query String the host header calculated by RGW is something like this: host:rgw.mydomain.local:7480 RGW thinks it's running on 7480 and signs with that, but the client signed the request for 'rgw.mydomain.local'. That causes a signature mismatch. This is because the client connects to port 80 or 443 on that Apache webserver which uses mod_proxy to localhost:7480 I'm aware of Civetweb being able to handle SSL as well, but this organization has some additional application firewalling they want to do in Apache before handing the request to Civetweb. I've been looking at a way to tell RGW to never add a port number to the signing process, but SERVER_PORT(_SECURE) are hardcoded in the code and can't be set to anything else. Any idea on how to tell RGW to *never* include the port number in the signing process with AWS4? Thanks, Wido _______________________________________________ ceph-users mailing list [email protected] http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
