Hi,
I've found the answer to my problem. There is nothing wrong with pound
and its reply goes with the correct location header, but I've found an
ISA server is in front of pound and it makes the change.
Sorry for the inconveniences.
Regards,
Francisco Ruiz
El 18/12/2010 8:10, Francisco Ruiz escribió:
Hi,
Not exactly, but we use relative URL in the site.
Any way, my problem is when somebody click on
http://portal.dominio.pri/privado/index.jsp, he should be redirected
to https://portal.dominio.pri/privado/index.jsp but the "Location"
header in the pound reply says
"http://portal.dominio.pri/privado/index.jsp". Of course, Pound
redirect the browser again and again till firefox says there is a loop
in my site.
So Pound is changing "https" with "http" in the redirect. However, if
I change the host in Redirect directive it works perfectly. I mean with
Redirect "https://portal2.dominio.pri"
the "Location" header in the replay says
"https://portal2.dominio.pri/privado/index.jsp"
Thanks for your help.
Regards,
Francisco
El 17/12/10 21:40, Alfonso Espitia escribió:
You added the header information, but in the application are you
checking for the new header?
-----Original Message-----
From: Francisco Ruiz [mailto:[email protected]]
Sent: Friday, December 17, 2010 3:21 PM
To: [email protected]
Subject: Re: [Pound Mailing List] Redirect HTTP to HTTPS
Hi,
I'm doing something similar, but it doesn't work as I expected. This
is my configuration:
--------------------------------------------------------
ListenHTTP
Address W.X.Y.Z
Port 80
RewriteLocation 2
Service "PORTAL_REDIRECTHTTPS"
HeadRequire "Host: portal\.dominio\.pri"
URL "/privado/.*"
Redirect "https://portal.dominio.pri"
End
Service "PORTAL"
HeadRequire "Host: portal\.dominio\.pri"
Backend
Address A.B.C.D
Port 80
End
End
End
ListenHTTPS
Address W.X.Y.Z
Port 443
Cert "/etc/pound/cert/portal/portal.pem"
ClientCert 3 9
CAlist "/etc/pound/cert/ca/CApublicas.pem"
VerifyList "/etc/pound/cert/ca/CApublicas.pem"
NoHTTPS11 2
# Add this header to inform the backend server that this comes
from a https request
AddHeader "X-Forwarded-HTTPS: on"
AddHeader "X-Forwarded-Proto: https"
Service "PORTAL_HTTPS"
HeadRequire "Host: portal\.dominio\.pri"
URL "/privado/.*"
# Avoid SSL forgeries when client certificates used
HeadDeny "X-SSL-Subject: .*"
HeadDeny "X-SSL-Issuer: .*"
HeadDeny "X-SSL-notBefore: .*"
HeadDeny "X-SSL-notAfter: .*"
HeadDeny "X-SSL-serial: .*"
HeadDeny "X-SSL-cipher: .*"
HeadDeny "X-SSL-certificate: .*"
Backend
Address O.P.Q.R
Port 80
End
End
End
--------------------------------------------------------
I'm trying to force SSL when the client go into the URL "/privado/",
but the location the browser recives when it is redirected is
"http://portal.domino.pri/privado/": Pound has switched https to http.
The browser is redirected several times and finally it says there
must be a loop in my site.
I would apreciate your help and experience.
Regards,
Francisco
El 09/12/2010 21:12, Iain Barnett escribió:
Thanks very much for the help and the link.
Regards,
Iain
On 7 Dec 2010, at 13:51, Alfonso Espitia wrote:
I think other people have done it by adding headers in the config,
something like this:
http://www.apsis.ch/pound/pound_list/archive/2005/2005-08/11244427630
00
and then in the application, you can check for the headers and
redirect appropriately (if front-end-https:on then...else...)
--Alfonso
-----Original Message-----
From: Iain Barnett [mailto:[email protected]]
Sent: Monday, December 06, 2010 11:25 PM
To: [email protected]
Subject: [Pound Mailing List] Redirect HTTP to HTTPS
Hi,
I'm trying to use RewriteLocation to redirect HTTP to HTTPS on the
same server, but I'm failing and can't find a single example of how
to use this directive successfully. The man page hasn't illuminated
me at all.
If anyone could share a link or an example to get me started I would
be very grateful.
Regards
Iain
--
To unsubscribe send an email with subject unsubscribe to
[email protected].
Please contact [email protected] for questions.
--
To unsubscribe send an email with subject unsubscribe to
[email protected].
Please contact [email protected] for questions.
--
To unsubscribe send an email with subject unsubscribe to
[email protected].
Please contact [email protected] for questions.
--
To unsubscribe send an email with subject unsubscribe to [email protected].
Please contact [email protected] for questions.
--
To unsubscribe send an email with subject unsubscribe to [email protected].
Please contact [email protected] for questions.
--
To unsubscribe send an email with subject unsubscribe to [email protected].
Please contact [email protected] for questions.
--
To unsubscribe send an email with subject unsubscribe to [email protected].
Please contact [email protected] for questions.