Hi, We have set up an inline PacketFence system and are trying to get Facebook login working.
When we redirect the user to the graph.facebook.com to authenticate via OAuth, it appears that the reverse proxy is replacing Facebook's SSL certificate with the internal PacketFence certificate. The browser then throws a certificate error and the authentication cannot be completed. Facebook uses HSTS so it is not possible to 'accept' the certificate and proceed. We've tried adding the relevant domains to the Proxy Passthroughs list but this doesn't seem to fix the issue. Has anyone else experienced this problem? There was a similar issue described in http://www.mail-archive.com/packetfence-users%40lists.sourceforge.net/msg05120.html but this involves in an internal page so adding a proper wildcard certificate for the domain will fix the problem. It is obviously not an option for us to add the correct Facebook certificate. Is there any way to hardcode the proxy passthroughs in the Apache configuration files? Thanks, Michael Invigor Group Limited is a company registered in Australia (ABN 75 081 368 274). This email and any attachments are intended solely for the use of the addressee(s) and may contain information that is confidential, subject to copyright and subject to legal professional privilege. If you have received this email in error, please notify the sender immediately, delete it and destroy all copies. Any views expressed are those of the individual sender unless expressly stated otherwise. In respect of this email and any attachments, to the extent permitted by law, no warranty is given and all liability is excluded,including, without limitation, liability for any loss or damage caused by way of computer virus, defect, delay, or interruption.
------------------------------------------------------------------------------
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
