[rt-users] RT 3.6.1 https issue (fwd)

Jon Daley bestpractical at jon.limedaley.com
Mon Oct 23 15:22:01 EDT 2006


---------- Forwarded message ----------
Date: Mon, 23 Oct 2006 20:52:28 +0200
From: Jan Korbel
To: Jon Daley
Subject: Re: [rt-users] RT 3.6.1 https issue

I was running RT on port 80 and https proxy on port 443. Also i had one 
redirect rule for clients with IP address other than server one.

<VirtualHost *:80>
...
RewriteEngine On
RewriteCond %{REMOTE_ADDR} !IP_SERVER
   RewriteRule ^/(.*) https://rt_site/$1 [L]
...
</VirtualHost>
<VirtualHost *:443>
...
RewriteEngine On
RewriteRule ^/(.*) http://rt_site/$1 [L,P]
<Proxy http://rt_site/>
   Order Allow,Deny
   Allow from all
</Proxy>
...
</VirtualHost>

Not so simple, but only one going https with original sources :) I have other 
solution now, see this patch of lib/RT/Interface/Web.pm:

---cut---
196c196
<             $uri->port($ENV{'SERVER_PORT'});
---
> #            $uri->port($ENV{'SERVER_PORT'});
---cut---

Conclusion: Actual server port is other than $ENV{'SERVER_PORT'}, at least with 
mod_perl2 and few Apache virtual servers. Because of that it's not a good idea 
to use it, especially for URL construction. It's used for cookie name too but 
probably this is not a big problem.

H.

Jon Daley wrote:
> On Mon, 23 Oct 2006, Jan Korbel wrote:
>> I'm testing latest stable version of RT (3.6.1) about a week and i have a 
>> problems with HTTPS only site. When i want to update ticket, data is sent 
>> but browser wanna go to URL:
>> https://mysite.tld:80/Ticket/Display.html?id=1
>> 
>> Set($WebPort , 443);
>> Set($WebBaseURL , "https://mysite.tld");
>> 
>> Another strange thing is name of cookie:
>> RT_SID_SITE.80
>> 
>> From share/html/Elements/SetupSessionCookie:
>> my $cookiename = "RT_SID_".$RT::rtname.".".$ENV{'SERVER_PORT'};
>> Only one HTTPS configuration, which is going fine so far, is RT/HTTP and 
>> mod_proxy in Apache with HTTPS ;) I know it's not so nice, so if you have 
>> some idea, write it.
>
>     You are running RT on port 80, but then forwarding port 443 to port 80 
> using mod_proxy?  Why not just run RT on port 443 directly?
>     I wonder if changing the SERVER_PORT line in lib/RT/Interface/Web.pm to 
> use the hard coded $WebPort would fix it for you?



More information about the rt-users mailing list