Zimbra and Apache - same server & different urls

[Kallisti]

Hi everybody!

I've been installing, upgrading and reinstalling Zimbra FOSS for a while, trying to get it just right.. Right now I'm starting from scratch again and would like some input on how to plan my installation. My main issue has to do with getting zimbra to co-exist with apache in an elegant way.

What I would like to get in the end is this:
* a server, domain.tld, with users@domain.tld
* my MX for domain.tld points to mail.domain.tld (same server/ip)
* apache running on www.domain.tld (and domain.tld)
* Zimbra (for webmail, desktop, dav etc) running on https://z.domain.tld

My problems have been
1. ajp doesn't work (for admin and desktop) as the responses apparently are too large, so thats abandoned in favor of just mod_proxy
2. redirections when using proxy to http://z.domain.tld or http(s)://domain.tld, I'm guessing that there are several places in the configuration where the domain is explicitly stated (?)

During the trials I have followed the wiki (and others), creating a zimbra.conf (mungled in the post) for apache, changing ports, modes and URLs using zmprov, zmtlsctl etc. I've realised that I'm not sure I understand what domain and server means in Zimbra and that I should probably start from a clean system with some help from you guys!

Is there a way to get Zimbra to understand that all http communication should go through https://z.domain.tld but the user domain is still domain.tld, preferably in a way that survives updates.. One thought is to install Zimbra as z.domain.tld but that seems to give me users@z.domain.tld. I would like to avoid that even if I guess I could then create another zimbra-domain giving me users@domain.tld. But if that is the only way to consistently make Zimbra not redirect the user to domain.tld, OK then!

What port to use when installing/zmprov-ing is also an issue. If I tell zimbra to use, say, 8443 then it seems to want to redirect the user there and of course 443 gives a port conflict (if apache is running at the time).

So my questions are: So is installing with z.domain.tld and then customizing the domain and port easiest and most permanent or should I use domain.tld and customize the redirects etc? What would need to be customized for z.domain.tld to achieve the setup I want? What would need to be customized for domain.tld? How can I do it so I won't need to redo it with every point upgrade?

I'm mostly interested in the high level idea, the details I can dig up or, failing that, ask about in another thread.. Hope you guys have some thoughts!

/Kallisti

[Kallisti]

So I've figured out a bit more about domains and servers. Now I have installed my server as z.domain.tld and changed the default domain to domain.tld in the installation (under LDAP settings). I set my admin password and changed http and https ports to 9080 and 9443 respectively (as 8080 and 8443 where already taken for zimbraMailProxyPort and zimbraMailSSLProxyPort). Finally I changed access mode from http to https. In my apache virtual host I proxy https://z.domain.tld/ to https://localhost:9443/.

When I go to https://z.domain.tld I get my login page but after I press login my broswer is redirected to http://z.domain.tld/zimbra. If I manually enter https://z.domain.tld again in my browser I am logged in and it seems to work until I try to log out. Then I'm again directed to http://z.domain.tld which of course gives me a 404 error.

I've tried reinstalling with differect access modes and changing it with zmtlsctl but I still get a redirection to http. I've also tried finding something in jetty.xml and LDAP (using zmprov) that could give me a hint but no luck!

Could someone tell me what I'm doing wrong or forgetting?

Maybe I'm going about this in the wrong way. I read about http proxy introduced in 5.0.5 in the release notes and in this thread but I can't find any instructions on how, the wiki-page in the thread only discuss imap/pop-proxying. Any pointers on that would also be appreciated! And what is zimbraMailProxyPort and zimbraMailSSLProxyPort?

/Kallisti