[CatiaL]

Hi,

I have solved my problem since a while but I had no time to post the solution.

As summary: I have Zimbra and Apache running on the same server.
Apache "occupies" the ports 80 for http and 443 https (I have ssl "running")

zimbraMailSSLPort 7443

My notation refer to A RedHat Enterprise OS.

%%%%% HTTPS ACCESS OVER PORT 443 %%%%%%%%%

Introduction
In Apache (RedHat version) the file

Code:

/etc/httpd/conf/httpd.conf

rules the http (no ssl) web access while the file

Code:

/etc/httpd/conf.d/ssl.conf

rules the https (with ssl) web access.

It is very important if you want to have some Virtual Hosts running under http AND other running under https that the settings are as follows:

• In httpd.conf the NameVirtualHost must be set as:
  
  NameVirtualHost *:80
  
  and all the Virtual Hosts must be defined as
  
  <VirtualHost *:80>
  ………..
  ………..
  </VirtualHost>

• In ssl.conf the NameVirtualHost must be set as:
  
  NameVirtualHost *:443
  
  and all the Virtual Hosts must be defined as
  
  <VirtualHost *:443>
  ………..
  ………..
  </VirtualHost>

Configuration with mod_jk

• Follow the same steps described in
  Zimbra with Apache using mod jk - ZimbraWiki
  for what concernes the workers and the tomcat configuration (watch out to add port 7443 to the allowed.ports list)

• Add into /etc/httpd/conf.d/ssl.conf the following text (if you did not already load mod_kj into httpd uncomment the first line)
  
  
  Code:

  # JK_MODULE
  #the module is already loaded in conf/httpd.conf
  #LoadModule jk_module modules/mod_jk.so
  JkWorkersFile conf/workers.properties
  JkLogFile logs/mod_jk.log
  JkLogLevel info
  JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
  JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories
  JkRequestLogFormat "%w %V %T"
  
  NameVirtualHost *:443
  
  <VirtualHost *:443>
  
      ServerAdmin netmaster@domain.example
      ServerName server.domain.example
  
      <IfModule mod_rewrite.c>
          RewriteEngine On
          RewriteLog logs/server_rewrite.log
          RewriteLogLevel 0
          RewriteRule ^/$ https://server.domain.example/zimbra
      </IfModule>
  
      JkMount /zimbra         zimbraworker
      JkMount /zimbra/        zimbraworker
      JkMount /zimbra/*       zimbraworker
      JkMount /service        zimbraworker
      JkMount /service/       zimbraworker
      JkMount /service/*      zimbraworker
      JkMount /zimbraAdmin    zimbraworker
      JkMount /zimbraAdmin/   zimbraworker
      JkMount /zimbraAdmin/*  zimbraworker
      JkMount //zimbra        zimbraworker
  
    ErrorLog logs/ssl_error_log
    TransferLog logs/ssl_access_log
    SSLEngine on
    SSLCipherSuite ALL:!ADH:!EXPORT56:RC+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
    SSLCertificateKeyFile /opt/zimbra/ssl/ssl/server/server.key
    SSLCertificateFile /opt/zimbra/ssl/ssl/server/server.crt
  
  </VirtualHost>

  NOTE: This uses the automatically generated ssl certificate from Zimbra. If you want another certificate you can generate a self signed one or buy one.

• restart httpd
  
  Code:

  service httpd restart

• switch zimbra to https
  
  Code:

  zmtlsctl https
  tomcat restart

IMPORTANT NOTE: If you plan to use ZimbraMobile and you have such mixed configuration (Zimbra and Apache running on the same serevr) you can not use the mod_jk "trick" to let apace access zimbra under standard ports. You should use the proxy "trick" instead.