You added the header information, but in the application are you checking for the new header?
-----Original Message----- From: Francisco Ruiz [mailto:[email protected]] Sent: Friday, December 17, 2010 3:21 PM To: [email protected] Subject: Re: [Pound Mailing List] Redirect HTTP to HTTPS Hi, I'm doing something similar, but it doesn't work as I expected. This is my configuration: -------------------------------------------------------- ListenHTTP Address W.X.Y.Z Port 80 RewriteLocation 2 Service "PORTAL_REDIRECTHTTPS" HeadRequire "Host: portal\.dominio\.pri" URL "/privado/.*" Redirect "https://portal.dominio.pri"; End Service "PORTAL" HeadRequire "Host: portal\.dominio\.pri" Backend Address A.B.C.D Port 80 End End End ListenHTTPS Address W.X.Y.Z Port 443 Cert "/etc/pound/cert/portal/portal.pem" ClientCert 3 9 CAlist "/etc/pound/cert/ca/CApublicas.pem" VerifyList "/etc/pound/cert/ca/CApublicas.pem" NoHTTPS11 2 # Add this header to inform the backend server that this comes from a https request AddHeader "X-Forwarded-HTTPS: on" AddHeader "X-Forwarded-Proto: https" Service "PORTAL_HTTPS" HeadRequire "Host: portal\.dominio\.pri" URL "/privado/.*" # Avoid SSL forgeries when client certificates used HeadDeny "X-SSL-Subject: .*" HeadDeny "X-SSL-Issuer: .*" HeadDeny "X-SSL-notBefore: .*" HeadDeny "X-SSL-notAfter: .*" HeadDeny "X-SSL-serial: .*" HeadDeny "X-SSL-cipher: .*" HeadDeny "X-SSL-certificate: .*" Backend Address O.P.Q.R Port 80 End End End -------------------------------------------------------- I'm trying to force SSL when the client go into the URL "/privado/", but the location the browser recives when it is redirected is "http://portal.domino.pri/privado/": Pound has switched https to http. The browser is redirected several times and finally it says there must be a loop in my site. I would apreciate your help and experience. Regards, Francisco El 09/12/2010 21:12, Iain Barnett escribió: > Thanks very much for the help and the link. > > Regards, > Iain > > > On 7 Dec 2010, at 13:51, Alfonso Espitia wrote: > >> I think other people have done it by adding headers in the config, >> something like this: >> >> http://www.apsis.ch/pound/pound_list/archive/2005/2005-08/11244427630 >> 00 >> >> and then in the application, you can check for the headers and >> redirect appropriately (if front-end-https:on then...else...) >> >> --Alfonso >> >> -----Original Message----- >> From: Iain Barnett [mailto:[email protected]] >> Sent: Monday, December 06, 2010 11:25 PM >> To: [email protected] >> Subject: [Pound Mailing List] Redirect HTTP to HTTPS >> >> Hi, >> >> I'm trying to use RewriteLocation to redirect HTTP to HTTPS on the >> same server, but I'm failing and can't find a single example of how >> to use this directive successfully. The man page hasn't illuminated me at >> all. >> >> If anyone could share a link or an example to get me started I would >> be very grateful. >> >> Regards >> Iain >> -- >> To unsubscribe send an email with subject unsubscribe to [email protected]. >> Please contact [email protected] for questions. >> >> -- >> To unsubscribe send an email with subject unsubscribe to [email protected]. >> Please contact [email protected] for questions. > > -- > To unsubscribe send an email with subject unsubscribe to [email protected]. > Please contact [email protected] for questions. > -- To unsubscribe send an email with subject unsubscribe to [email protected]. Please contact [email protected] for questions. -- To unsubscribe send an email with subject unsubscribe to [email protected]. Please contact [email protected] for questions.
