Just wanted to update that I fixed this issue. I moved the two ProxyPass statements below to the default-ssl.conf inside my <VirtualHost *:443> container for the server, and everything is always forced to https now and loads properly. Thanks
ProxyPass /Microsoft-Server-ActiveSync \ http://127.0.0.1:20000/SOGo/Microsoft-Server-ActiveSync \ retry=60 connectiontimeout=5 timeout=3540 ProxyPass /SOGo http://127.0.0.1:20000/SOGo retry=0 From: Chris Burke <burkech...@yahoo.com> To: "users@sogo.nu" <users@sogo.nu> Sent: Wednesday, May 25, 2016 3:23 PM Subject: Re: [SOGo] SSL issues SOGo web access and ActiveSync Hi- Thanks so much for the response. I made the changes to the x-webobjects headers according to the documentation, restarted apache and sogo, but the issue is still happening. In happens in both Chrome and IE. Even though Apache should be redirecting everything to https, after logging in it is still makes calls to http. The SOGo web access loads but the fonts & layout are messed up. Using Chrome developer tools I can see the fonts are requested via http and therefore not loading: "Font from origin 'https://mail.mydomain.com' has been blocked from loading by Cross-Origin Resource Sharing policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://mail.mydomain.com' is therefore not allowed access." If I go up to the URL bar and make it "https" and reload the page, all is fine again. I'm just not sure what is happening on authentication, why the user gets redirected to http. Below is a snip from my Apache SOGo.conf which shows the values for RequestHeader. I'm going to experiment with moving the ProxyPass statements to my default-ssl.conf instead of leaving them in SOGo.conf to see if that makes a difference. <Proxy http://127.0.0.1:20000/SOGo>## adjust the following to your configuration## and do not forget to enable the headers module<IfModule headers_module> RequestHeader set "x-webobjects-server-port" "443" RequestHeader set "x-webobjects-server-name" "mail.mydomain.com" RequestHeader set "x-webobjects-server-url" "https://mail.mydomain.com"; ## When using proxy-side autentication, you need to uncomment and## adjust the following line: RequestHeader unset "x-webobjects-remote-user"# RequestHeader set "x-webobjects-remote-user" "%{REMOTE_USER}e" env=REMOTE_USER RequestHeader set "x-webobjects-server-protocol" "HTTP/1.0" </IfModule> AddDefaultCharset UTF-8 Order allow,deny Allow from all</Proxy> -Chris From: Francis Lachapelle <users@sogo.nu> To: users@sogo.nu Sent: Wednesday, May 25, 2016 8:19 AM Subject: Re: [SOGo] SSL issues SOGo web access and ActiveSync Hi Chris > On May 24, 2016, at 3:31 PM, Chris Burke (burkech...@yahoo.com) > <users@sogo.nu> wrote: > > I'm having a problem getting SSL to work with SOGo web access and ActiveSync. > > > In Apache I redirect everything to SSL in 000-default.conf: > > <VirtualHost *:80> > ServerName mail.mydomain.com > Redirect permanent / https://mail.mydomain.com/ > </VirtualHost> > > This works great for everything, except when accessing SOGo. > > When I go to https://[mail.mydomain.com]/SOGo the login page loads https > correctly, but as soon as I click "connect", I get redirected to http and the > page doesn't load properly because of mixed http and https calls. > > After getting redirected to http I can I can force "https:" in the URL bar, > then it will load correctly. > > I think the problem may be the http ProxyPass statements in the Apache > SOGo.conf file: > > ProxyPass /Microsoft-Server-ActiveSync \ > http://127.0.0.1:20000/SOGo/Microsoft-Server-ActiveSync \ > retry=60 connectiontimeout=5 timeout=3540 > > ProxyPass /SOGo http://127.0.0.1:20000/SOGo retry=0 > > I have tried changing these ProxyPass statements to https (and turning on > SSLProxyEngine). > This failed. > I have also changed 127.0.0.1 to mail.mydomain.com (which resolves locally to > 127.0.0.1) and this still fails with "internal server error". > > Any ideas how I can stop SOGo from redirecting to http? > > Also is there a way to force ActiveSync to use SSL? You must set the x-webobjects headers. See the documentation: http://sogo.nu/files/docs/SOGoInstallationGuide.html#_apache_configuration Francis -- users@sogo.nu https://inverse.ca/sogo/lists -- users@sogo.nu https://inverse.ca/sogo/lists
