Results 1 to 2 of 2

Thread: Upgraded from 5.02 to 5.07, mod_proxy now misbehaving

  1. #1
    rbilbrey@naasecurity.net is offline Starter Member
    Join Date
    Dec 2007
    Location
    Anderson
    Posts
    1
    Rep Power
    7

    Thumbs down Upgraded from 5.02 to 5.07, mod_proxy now misbehaving

    As with many users running Zimbra, our installation is in an environment in which apache is installed and serving other applications. I have set zimbrahttp to 8080 and https to 8443 and have been using mod_proxy to terminate the ssl connection and passing the traffic on to zimbra. All did work well, after the upgrade to 5.07, the ssl login page is presented, but an http page is returned after login. I do not want any clear text communication, thus no http over the net. If I append a s the http: the client loads and all subsequent returned urls are not rewritten to http. Maybe I did something on the original zimbra install that I don't remember with zimbra the first time, but
    TIA for any help, Bob

    I don't what it could be. Below is the mod_proxy config:

    <VirtualHost 192.10.200.165:443>

    # General setup for the virtual host, inherited from global configuration
    DocumentRoot "/var/www/mail"
    ServerName my.domain.net:443
    Redirect / https://my.domain.net/zimbra/
    # Use separate log files for the SSL virtual host; note that LogLevel
    # is not inherited from httpd.conf.
    ErrorLog logs/ssl_mail_error_log
    TransferLog logs/ssl_mail_access_log
    LogLevel warn

    SSLEngine on
    SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSL v2:+EXP
    SSLCertificateFile /etc/httpd/conf/ssl.crt/mail.domain.crt
    SSLCertificateKeyFile /etc/httpd/conf/ssl.key/mail.domain.key
    <Files ~ "\.(cgi|shtml|phtml|php3?)$">
    SSLOptions +StdEnvVars
    </Files>
    <Directory "/var/www/cgi-bin">
    SSLOptions +StdEnvVars
    </Directory>


    SetEnvIf User-Agent ".*MSIE.*" \
    nokeepalive ssl-unclean-shutdown \
    downgrade-1.0 force-response-1.0

    CustomLog logs/ssl_request_log \
    "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"


    <IfModule mod_proxy.c>
    RequestHeader set Front-End-Https On
    ProxyRequests On
    ProxyPreserveHost On
    ProxyVia full


    <Location "/service">
    # Modify to your setup, but do NOT skip these lines --
    # you MUST configure access controls securely!
    Order deny,allow
    Allow from 127.0.0.1
    Allow from all

    # Replace this URL with the host/port that the
    # Zimbra user web interface is using
    ProxyPass http://my.domain.net:8080/service
    ProxyPassReverse http://my.domain.net:8080/service
    </Location>

    <Location "/zimbra">
    # Modify to your setup, but do NOT skip these lines --
    # you MUST configure access controls securely!
    Order deny,allow
    Allow from 127.0.0.1
    Allow from all

    # Replace this URL with the host/port that the
    # Zimbra user web interface is using
    ProxyPass http://my.domain.net:8080/zimbra
    ProxyPassReverse http://my.domain.net:8080/zimbra
    </Location>

    # Only include this section to enable access to
    # the Zimbra administrative web interface
    <Location "/zimbraAdmin">
    # Modify to your setup, but do NOT skip these lines --
    # you MUST configure access controls securely!
    Order deny,allow
    Allow from 127.0.0.1
    Allow from all

    # Replace this URL with the host/port that the
    # Zimbra administrative web interface is using
    ProxyPass https://my.domain.net:7071/zimbraAdmin
    ProxyPassReverse https://my.domain.net:7071/zimbraAdmin
    </Location>
    <Location "/zimbra/h/changepass">
    # Modify to your setup, but do NOT skip these lines --
    # you MUST configure access controls securely!
    Order deny,allow
    Allow from 127.0.0.1
    Allow from all

    # Replace this URL with the host/port that the
    # Zimbra user web interface is using
    ProxyPass http://my.domain.net:8080/zimbra/h/changepass
    ProxyPassReverse http://my.domain.net:8080/zimbra/h/changepass
    </Location>
    </IfModule>
    </VirtualHost>

  2. #2
    uxbod's Avatar
    uxbod is offline Moderator
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,016
    Rep Power
    24

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Installation on FC3 under Xen
    By andreground in forum Installation
    Replies: 9
    Last Post: 11-14-2005, 10:29 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •