Stab in the dark: have you changed $WebBaseURL ? Gerard
On 2012-03-02 15:35, k...@rice.edu wrote:
Hi RT Community, I am trying to setup RT 3.8.11 to use nginx and FastCGI and an encrypted HTTPS connection instead of the unencrypted HTTP connection. I took a look at the RT-Extension-Nginx-0.02 module but it only works with RT4, so I used it as a template and manually generated the following configuration files: fastcgi.include.conf: ---- fastcgi_pass unix:/etc/nginx/fcgi.sock; fastcgi_param SCRIPT_NAME ""; fastcgi_param PATH_INFO $fastcgi_script_name; fastcgi_param QUERY_STRING $query_string; fastcgi_param REQUEST_METHOD $request_method; fastcgi_param CONTENT_TYPE $content_type; fastcgi_param CONTENT_LENGTH $content_length; fastcgi_param REQUEST_URI $request_uri; fastcgi_param SERVER_PROTOCOL $server_protocol; fastcgi_param REMOTE_ADDR $remote_addr; fastcgi_param REMOTE_PORT $remote_port; fastcgi_param SERVER_ADDR $server_addr; fastcgi_param SERVER_PORT $server_port; fastcgi_param SERVER_NAME $server_name; ---- rt.server.conf ---- server { server_name rt2.rice.edu; listen 8443; ssl on; ssl_certificate /etc/pki/tls/certs/help_rice_edu_all.cer; ssl_certificate_key /etc/pki/tls/private/help_rice_edu.key; root /usr/site/rt/var/mason_data; access_log /var/log/nginx/nginx.access.log; gzip on; gzip_min_length 500; gzip_proxied any; gzip_types text/plain text/css application/x-javascript application/javascript ; gzip_disable "MSIE [1-6]\."; location /NoAuth/images/ { root /usr/site/rt; try_files local/html$uri #<% join ' ', map "$_\$uri", map File::Spec->abs2rel($_, $RT::BasePath), RT->PluginDirs('html') %> local/plugins/RT-Extension-CloneTicket-WithData/html$uri local/plugins/RT-IR/html$uri local/plugins/RT-Authen-ExternalAuth/html$uri local/plugins/RT-Extension-MobileUI/html$uri local/plugins/RTx-Calendar/html$uri local/plugins/RTx-EmailCompletion/html$uri local/plugins/RT-FM/html$uri local/plugins/RT-Extension-ToggleSuperUser/html$uri local/plugins/RT-Extension-SpawnLinkedTicketInQueue/html$uri local/plugins/RT-Extension-SearchResults-XLS/html$uri local/plugins/RTx-AssetTracker/html$uri local/plugins/RT-Extension-SummaryByUser/html$uri local/plugins/RT-Extension-MandatorySubject/html$uri #<% join ' ', map "$_\$uri", map File::Spec->abs2rel($_, $RT::BasePath), RT->PluginDirs('html') %> share/html$uri @main ; expires 1M; } location /NoAuth/css/ { root /var/opt/fcgi_storage; gzip_comp_level 9; expires 1M; location ~ squished { expires max; } error_page 404 = @fetch_and_store; } location /NoAuth/js/ { root /var/opt/fcgi_storage; gzip_comp_level 9; expires 1M; location ~ squished { expires max; } error_page 404 = @fetch_and_store; } location /NoAuth/RichText/ { root /var/opt/fcgi_storage; gzip_comp_level 9; error_page 404 = @fetch_and_store; expires 1M; } location / { include /etc/nginx/fcgi.include.conf; } location @main { include /etc/nginx/fcgi.include.conf; } location @fetch_and_store { include /etc/nginx/fcgi.include.conf; root /var/opt/fcgi_storage; fastcgi_store on; fastcgi_store_access user:rw group:rw all:r; fastcgi_temp_path /var/opt/fcgi_temp; } } ---- nginx.conf: ---- user rt rt; pid /var/run/nginx.pid; error_log /var/log/nginx/nginx.error.log debug; worker_processes 1; events { worker_connections 128; } http { include /etc/nginx/mime.types; include /etc/nginx/rt.server.conf; } ---- It all works using normal HTTP on port 8080 without the ssl* options. When I add the ssl* options, the login screen comes up correctly, but after I login I get the following error: 400 Bad Request The plain HTTP request was sent to HTTPS port and the URL is http://rt2.rice.edu:8443 and not the https version. If I change the URL manually from http to https I have logged in. If I try to reply to a ticket, after I click update, it again goes to the http version of the URL and not the https version. Does anyone have any idea about what I am missing? Regards, Ken
-------- RT Training Sessions (http://bestpractical.com/services/training.html) * Boston March 5 & 6, 2012