Hi, On Thu, Mar 05, Eamonn Hynes wrote: > Hello Jarno, > > Thank you very much for your message. > > Yes, I was wondering about that 301 code. I wonder do you have any more > suggestions here?
Can you try to set the port 8080 virtualhost to use ServerName https://myserver.com (or https://myserver.com:443) and see if the windows client redirects use https. (or modify the Location header(s/http/https/) on haproxy: http://cbonte.github.io/haproxy-dconv/configuration-1.5.html#4-rspirep) Also maybe you could use tcpdump to capture the client traffic between haproxy <-> apache and see if osx/linux vs. windows send different headers etc. that might explain why windows behaves differently. (BTW: Does the windows client work with plain http thru haproxy ? (no http -> https redirect on haproxy and net use ... w/out @SSL)). -Jarno > Apache2 isn't listening on https at all. All the SSL is done by haproxy. > > It's Apache2, not TomCat. > > Thanks again, > > Eamonn > > > On 5 March 2015 at 14:33, Jarno Huuskonen <[email protected]> wrote: > > > Hi, > > > > On Thu, Mar 05, Eamonn Hynes wrote: > > > `net use X: \\myserver.com@SSL\home\eamorr` #A Windows command > > > > > > here's the server-side HAProxy log (/var/log/haproxy.log): > > > > > > Mar 5 11:51:00 apacheserver1 haproxy[22786]: 137.43.130.107:51168 > > > [05/Mar/2015:11:50:25.233] www-https~ http-backend/apacheserver1 > > > 35691/0/1/11/35703 301 511 - - --NI 1/1/0/1/0 0/0 "OPTIONS /home/eamorr > > > HTTP/1.1" > > > Mar 5 11:51:01 apacheserver1 haproxy[22786]: 137.43.130.107:51168 > > > [05/Mar/2015:11:51:00.936] www-https~ http-backend/apacheserver1 > > > 97/0/0/2/99 301 497 - - --NI 1/1/0/1/0 0/0 "OPTIONS /home HTTP/1.1" > > > > > > And here's the output from Apache2 (with trace8 debugging info enabled): > > > > [some lines removed] > > > > > fixups hook gave 301: /home > > > Response sent with status 301, headers: > > > Location: http://myserver.com/home/ > > > > Hmm, this looks like something redirects the request back to http > > (response 301 and Location: http://) ? > > > > Maybe the apache virtualhost needs some config to think it's ssl > > enabled, so it'll redirect to https ? > > > > (Is the backend server apache or is it tomcat(cookie JSESSIONID) (or > > both)) ? > > (With tomcat maybe try setting secure=true and/or scheme=https to port > > 8080 connector). > > > > -Jarno > > > > > When I connect from Linux (which works fine!), I get the following > > > `/var/log/haproxy.log`: > > > > > > Mar 5 12:20:10 apacheserver1 haproxy[22786]: 137.43.130.107:51295 > > > [05/Mar/2015:12:20:10.062] www-https~ http-backend/apacheserver1 > > > 114/0/0/14/128 200 303 - - --NI 1/1/0/1/0 0/0 "OPTIONS /home/eamorr > > > HTTP/1.1" > > > Mar 5 12:20:10 apacheserver1 haproxy[22786]: 137.43.130.107:51295 > > > [05/Mar/2015:12:20:10.190] www-https~ http-backend/apacheserver1 > > 3/0/0/3/6 > > > 207 474 - - --VN 1/1/0/1/0 0/0 "PROPFIND /home/eamorr HTTP/1.1" > > > Mar 5 12:20:10 apacheserver1 haproxy[22786]: 137.43.130.107:51295 > > > [05/Mar/2015:12:20:10.196] www-https~ http-backend/apacheserver1 > > 1/0/0/2/3 > > > 200 172 - - --VN 1/1/0/1/0 0/0 "OPTIONS /home/ HTTP/1.1" > > > Mar 5 12:20:10 apacheserver1 haproxy[22786]: 137.43.130.107:51295 > > > [05/Mar/2015:12:20:10.200] www-https~ http-backend/apacheserver1 > > > 31/0/0/3/34 207 901 - - --VN 1/1/0/1/0 0/0 "PROPFIND /home/eamorr > > HTTP/1.1" > > > Mar 5 12:20:10 apacheserver1 haproxy[22786]: 137.43.130.107:51295 > > > [05/Mar/2015:12:20:10.234] www-https~ http-backend/apacheserver1 > > > 52/0/0/10/62 207 2188 - - --VN 1/1/0/1/0 0/0 "PROPFIND /home/eamorr > > > HTTP/1.1" > > > > -- > > Jarno Huuskonen > > > > > > -- > Eamonn Hynes -- Jarno Huuskonen
