Page 2 of 2 FirstFirst 12
Results 11 to 18 of 18

Thread: Secure URL

  1. #11
    LMStone's Avatar
    LMStone is offline Moderator
    Join Date
    Sep 2006
    Location
    477 Congress Street | Portland, ME 04101
    Posts
    1,373
    Rep Power
    10

    Default

    Quote Originally Posted by phoenix View Post
    That bug seems to be scheduled to be fixed in the next major release, just send an email to support with your comments and ask for your case to be added to the bug - that will do it.
    Thanks for the follow up; it is sincerely appreciated!

    Would "the next major release" be 4.5.3 or 5.0.0?

    All the best,
    Mark

  2. #12
    bobby is offline Zimbra Employee
    Join Date
    Nov 2005
    Posts
    518
    Rep Power
    10

    Default

    pfefferc:
    what version of ZCS are you running? have you already attempted customization of Login.jsp?

    LMStone:
    the workaround is pretty simple:

    1. Edit /opt/zimbra/tomcat/webapps/zimbra/public/Login.jsp and comment out this
    statement so that http connections are *never redirected back* to http:

    Code:
      qs = emptyQs? "?initMode=" + currentProto: qs + "&initMode=" +
      currentProto;
    2. Set the mail mode to mixed to allow the initial http connections that will be redirected to https:

    Code:
    zmtlsctl mixed
    tomcat restart
    edit: the "next major release" will be ZCS 5.0

  3. #13
    fizi is offline Senior Member
    Join Date
    Nov 2006
    Location
    Canada
    Posts
    69
    Rep Power
    8

    Default

    For my server this is how I do my redirect.

    At http://webmail.mydomain.ca/ it loads a PHP page as follows:

    PHP Code:
    <?php

    header
    ("Location: https://webmail.mydomain.ca/"); //Redirect to secure webmail

    ?>
    I haven't had a single problem with it switching back to http.

    Edit: Oh the reason why I do this is because I already have a web server running on 80 (HTTP) and I have Zimbra Webmail running ONLY on 443 (HTTPS).

  4. #14
    robbyt is offline Loyal Member
    Join Date
    Jan 2006
    Posts
    83
    Rep Power
    9

    Default

    what i've done to get around this is run lighttpd on port 80, and have zimbra only setup for https. then when anyone connects to my separate lighttpd running on p80, the get a 320 that points them to https

    good to know that the proper fix is on it's way though!

  5. #15
    Rich Graves is offline Outstanding Member
    Join Date
    Jan 2007
    Location
    Minnesota
    Posts
    719
    Rep Power
    9

    Default

    For those of you in sensitive environments, please be aware of http://bugzilla.zimbra.com/show_bug.cgi?id=14538

    I'd originally sent that as a private support request, but it looks like they made it public. Until that issue is fully addressed, then you might want to force your users to type in or bookmark the https.

  6. #16
    Rich Graves is offline Outstanding Member
    Join Date
    Jan 2007
    Location
    Minnesota
    Posts
    719
    Rep Power
    9

    Default

    Re fizi's reply: You might need something that's able to redirect http://zimbra/some/specific/url to https://zimbra/some/specific/url, not just the top level redirect.

    The reason for this is that Apple's iCal, and possibly other things, supports https but won't let you type in https URLs. So to subscribe to a public Zimbra calendar (without the iSync connector), you need to enter the URL as http:// or webcal://, accept the redirect, and internally use https.
    Last edited by Rich Graves; 03-28-2007 at 11:21 AM. Reason: s/fiji/fizi

  7. #17
    fizi is offline Senior Member
    Join Date
    Nov 2006
    Location
    Canada
    Posts
    69
    Rep Power
    8

    Default

    Quote Originally Posted by Rich Graves View Post
    Re fizi's reply: You might need something that's able to redirect http://zimbra/some/specific/url to https://zimbra/some/specific/url, not just the top level redirect.

    The reason for this is that Apple's iCal, and possibly other things, supports https but won't let you type in https URLs. So to subscribe to a public Zimbra calendar (without the iSync connector), you need to enter the URL as http:// or webcal://, accept the redirect, and internally use https.
    I am the sole user of my mail server and I don't use a Mac

    Thanks for the tip though! A quick modification of that php script could do exactly what you are asking.

  8. #18
    wifi_guy is offline Intermediate Member
    Join Date
    Feb 2011
    Posts
    16
    Rep Power
    4

    Default

    Hey guys,

    I am coming into this one a little late. I keep hearing this issue will be fixed in the next major release, which sounded like it would be 5.0?

    I am running 7.0, shouldn't this be fixed by now? We are seeing this issue where our clients go to the FQDN, while the login page is https, once logged in it rolls back to http.

    We are running zmtlsctl mixed.

    Thoughts?

Page 2 of 2 FirstFirst 12

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Does Zimbra support IMAP Secure Authentication?
    By zzzzsg in forum Administrators
    Replies: 6
    Last Post: 11-06-2009, 07:19 PM
  2. Lotus Notes Protocol URL problems
    By bjared in forum Administrators
    Replies: 2
    Last Post: 06-24-2009, 12:17 PM
  3. Remove URL from page title
    By cmilfo in forum Administrators
    Replies: 4
    Last Post: 05-25-2007, 07:08 AM
  4. rest url and accents
    By lfasci in forum Developers
    Replies: 1
    Last Post: 03-02-2007, 10:58 AM
  5. Change spell checker URL
    By paintbuoy in forum Administrators
    Replies: 1
    Last Post: 02-12-2006, 09:49 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •