Emilio,
Thanks for your help.
The solution ended up being a lot easier than I anticipated. We are
using a vhost setup and the ServerName line was set incorrectly in each
domains ssl vhost conf file. (some setups use a giant httpd.conf file
with all vhost configurations in it.)
The incorrectly setup was was:
<VirtualHost 10.10.10.10:8443>
ServerName ssl.test.com:8443
...
</VirtualHost>
It was changed to:
<VirtualHost 10.10.10.10:8443>
ServerName https://ssl.test.com
...
</VirtualHost>
Now the redirects are handled correctly. The ServerName directive
doesn't control what port and ip it listens too. So as long as you are
browsing through the load balancer it works correctly.
thanks.
myles.
On 8/29/12 10:33 AM, Emilio Campos wrote:
Hi Myles there is not other option to try to solve this issue with
zlb. it is a apache issue (mod_speling) I would try to solve this in
apache modifying the location header, something like this could solve
your problem.
|Header edit Location ^http://ssl.test.com:8443/.*
https://ssl.test.com|/$1
I unknow the "Header" directive in apache I don't know if it accepts
regular expressions but take a look in
http://httpd.apache.org/docs/current/mod/mod_headers.html
/|edit*|/
/If this response header exists, its value is transformed
according to a regular expression
<http://httpd.apache.org/docs/current/glossary.html#regex>
search-and-replace. The value argument is a regular expression
<http://httpd.apache.org/docs/current/glossary.html#regex>, and
the replacement is a replacement string, which may contain
backreferences. The |edit| form will match and replace exactly
once in a header value, whereas the |edit*| form will replace
/every/ instance of the search pattern if it appears more than once./
I hope this help you.
Regards
2012/8/29 Myles Merrell <[email protected]
<mailto:[email protected]>>
Emilio,
I'm using the https profile.
I updated the profile, and changed the the RewriteLocation to 1
and 2, and I'm still getting the same issue.
https://ssl.test.com/time/test
gets translated to:
http://ssl.test.com:8443/Time/Test
The response headers are the following:
HTTP/1.1 301 Moved Permanently
Date: Tue, 28 Aug 2012 20:34:17 GMT
Server: Apache
Location:http://ssl.test.com:8443/Time/Test
<http://ssl.demosphere.com:8443/common/fckeditor2_6rc/fckeditor.js>
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 221
Keep-Alive: timeout=2
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Is there any more information that would help trouble shoot?
thanks.
myles.
On 8/29/12 2:41 AM, Emilio Campos wrote:
Hi Myles the first of all what kind of profile are you using with
zen? HTTP profile? HTTPS profile? TCP profile?
if you use HTTPS profile try the next:
open your configuration farm file in
/usr/local/zenloadbalancer/config/yourfarmname_pound.cfg
Search a line like this:
RewriteLocation 0
you can try to change 0 by 1 or 2 value
If you change this value you have to restart your farm by the way
it is a mod_speling issue so the backend is replying with these
url and finaly the client is redirected.
Let me know your advance
Regards!
2012/8/29 Myles Merrell <[email protected]
<mailto:[email protected]>>
I have setup the zen load balancer in a standard setup, and
I'm trying
to put it in front of two apache servers that have been
working well.
We've run into some difficulties with the server using mod_ssl to
correct case errors.
I have an ssl server farm, and it is being distributed
accross two
apache server. Both of these servers are using mod_speling
to correct
case sensitive errors on the url. It does this by
redirecting the user
to the "correct" url. However, the "correct" url is actually
incorrect.
Example,
if abc.com <http://abc.com> is load balanced on port 443, to
two apache servers serving
on port 10443.
if you want to get to the link:
https://abc.com/Time/Add
it will work correctly, but if you try to goto:
https://abc.com/time/add
mod_speling will correct it to:
http://abc.com:10443/Time/Add
The relative portion of the link is correct, but it redirects
the user
to port 10443, which is unavailable because it's behind the
firewall,
thus causing the error.
Has anyone experienced this, and/or has any suggestions to
handle this?
thanks.
myles.
--
Myles Merrell
Director of Software Engineering
[email protected] <mailto:[email protected]>
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond.
Discussions
will include endpoint security, mobile security and the
latest in malware
threats.
http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Zenloadbalancer-support mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support
--
Load balancer distribution - Open Source Project
http://www.zenloadbalancer.com
Distribution list (subscribe):
[email protected]
<mailto:[email protected]>
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats.http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Zenloadbalancer-support mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support
--
Myles Merrell
Director of Software Engineering
[email protected] <mailto:[email protected]>
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond.
Discussions
will include endpoint security, mobile security and the latest in
malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Zenloadbalancer-support mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support
--
Load balancer distribution - Open Source Project
http://www.zenloadbalancer.com
Distribution list (subscribe):
[email protected]
<mailto:[email protected]>
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Zenloadbalancer-support mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support
--
Myles Merrell
Director of Software Engineering
[email protected]
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Zenloadbalancer-support mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support
