I'm sure this is where I find out I'm doing something stupid...so let me clarify.
I don't have my pound server configured to use DNS, I'm just using the /etc/hosts file for now...mainly b/c I don't have the liberty of messing with the DNS at the site I'm at. I'll check the IP binding and get back w/ an answer. On Mon, Jul 25, 2011 at 3:21 PM, Jacob Anderson <[email protected]>wrote: > Hi Hall,**** > > ** ** > > Login to your pound machine and type “nslookup my_pound_machine_fqdn”**** > > ** ** > > Does it resolve to the correct IP address?**** > > ** ** > > Get rid of everything except the https directive in your pound config and > see if it works. Then make sure that you have your back ends bound ONLY on > the IP addresses that are proxied by pound.**** > > ** ** > > -- Jake**** > > ** ** > > ** ** > > *From:* Hall Barricklow [mailto:[email protected]] > *Sent:* Monday, July 25, 2011 12:52 PM > *To:* [email protected] > *Subject:* Re: [Pound Mailing List] pound w/ HTTPS to Apache backend > redirects to HTTP**** > > ** ** > > Thanks for the reply. > > Yes, I only have HTTPS directive in my config, the rest of my .cfg file is > as it comes by default. I'm just trying to get HTTPS working before I move > on to load balancing, etc. I originally started with just HTTP and it > worked fine, so moved on to HTTPS. Yes, I am testing all from within my LAN > right now. I have my BE Apache setup with usecanonicalname no, so it should > be using whatever is passed in the URL. > > Unfortunately I don't have that much control over the application, it's a > big box ERP system. DNS appears to be sound. **** > > On Mon, Jul 25, 2011 at 2:32 PM, Jacob Anderson <[email protected]> > wrote:**** > > Hall,**** > > **** > > If you ONLY have an HTTPS directive in your config, and you are being > redirected back to http, then it sounds like you are (a) testing from your > LAN, and (b) your BE is sending a redirect that is LAN addressed instead of > pound addressed.**** > > **** > > Make sure that your application always redirects using the pound URL, and > that it always preserves the protocol being requested or forces https.**** > > **** > > If you only have https in your pound config then any http action will not > work.**** > > **** > > Post your entire pound config file if there is more to it …**** > > **** > > ALSO - very important - check that your DNS for the pound server to resolve > to the correct IP addresses. I had a similar problem to yours because I had > not kept my internal DNS updated and so the pound server was not able to > find itself in DNS and so I always got http instead of https.**** > > **** > > -- Jake**** > > **** > > **** > > *From:* Hall Barricklow [mailto:[email protected]] > *Sent:* Monday, July 25, 2011 12:19 PM > *To:* [email protected] > *Subject:* [Pound Mailing List] pound w/ HTTPS to Apache backend redirects > to HTTP**** > > **** > > Yes, I've seen the many, many multitudes of posts on this topic, but > nothing I've tried seems to fix it. I pull up the link just fine, but as > soon as I do anything within the application, it immediately drops to HTTP. > I can throw the "S" in there and hit enter and the page loads fine, but the > next action I do in the app takes me back to HTTP. See below for config, > any ideas? > > It almost sounds like the issue described on the pound homepage with regard > to zope: > > " A special problem arises when you try using *Pound* as an SSL wrapper: > Zope assumes that the requests are made via HTTP and insists on prepending > 'http://' to the (correct) address in the replies, including in the tag > and the absolute URLs it generates (for images for example). This is clearly > an undesirable behavior. " > > ::::CONFIGURATION:::: > > Pound version - 2.4.5-3 on Ubuntu server 10.04 > > I'm using an application called JDEdwards EnterpriseOne that sits on Oracle > Application Server and Apache 1.3 > > I have the application running on HTTP port 8101. I have pound running on > a separate server as HTTPS on port 4433, below is my config: > > ListenHTTPS > Address 0.0.0.0 > Port 4433 > Cert "/usr/local/etc/jdewebcert.pem" > RewriteLocation 2 > Service > BackEnd > Address 192.168.1.100 > Port 8101 > End > End > End**** > > ** ** >
