Results 1 to 4 of 4

Thread: HTTP to redirect to HTTPS

  1. #1
    djve's Avatar
    djve is offline Senior Member
    Join Date
    May 2007
    Location
    San Mateo
    Posts
    68
    Rep Power
    8

    Default HTTP to redirect to HTTPS

    I'm installing Zimbra from the rPath appliance package and testing if Zimbra will do what we need.

    One item is to redirect people from HTTP to HTTPS. So if the hit port 80 they are redirected to port 443.

    In /opt/zimbra/httpd-2.0.54/conf/httpd.conf I appended the lines:

    SSLRequireSSL


    Followed by:
    zmtlsctl mixed
    tomcat restart

    This seems to work as we need. But does anybody know of any problems this may cause? I doubt I know enough of Zimbra at this point to test it well enough to be confident of my results.

    Thanks,

    David

  2. #2
    jholder's Avatar
    jholder is offline Former Zimbran
    Join Date
    Oct 2005
    Location
    Thatcher, AZ
    Posts
    5,606
    Rep Power
    20

    Default

    I think that might be
    Bug 7631 - redirect to https mode problem

    I don't think it will cause any issues because as long as it redirects to https, then all traffic goes https. . .thus ignoring http. . .which causes the redirect.

    So, for example, if we have a http-only/specific call, then it would get stuck in an infinite loop. . .but we don't

    jh

  3. #3
    pavera is offline Member
    Join Date
    May 2007
    Posts
    11
    Rep Power
    8

    Default

    unfortunately that bug does seem to effect me...

    I followed the initial post exactly and my results are that when I go to the login page over http, I get redirected to https for the login. However, as soon as I log in I am redirected back to an http page to read mail.

    It seems the bug you listed is specifically requesting a feature whereby http is always redirected to https. Am I correct in stating that it is currently not possible?

    As I see it the options are:
    a) I can either disable http altogether (use zmtlsctl https), and then users have to use the https URL or they get connection denied because the server is not listening on port 80.

    b) I can put it in mixed mode, I only get encryption on login, not throughout the mail session.

  4. #4
    djve's Avatar
    djve is offline Senior Member
    Join Date
    May 2007
    Location
    San Mateo
    Posts
    68
    Rep Power
    8

    Default

    Two replies, wow!

    jholder,

    Thanks but this isn't related to the bug at all. I'm having no problems, I'm just trying to make sure my change to httpd.conf will not cause any problems that may be known but I may not hit in my limited testing.

    pavera,

    Sorry but I'm not up on the forum syntax. They SSLRequireSSL was inclosed in XML tags. This was trapped out by the forum software. What I have at the bottom of the httpd.docs file is:

    <Directory "/opt/zimbra/httpd-2.0.54/htdocs/Zimbra">
    SSLRequireSSL
    </Directory>

    The "Zimbra" is where the code is read from for the web pages.

    (Used preview this time to makes sure the tags are displayed correctly.)

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. [SOLVED] Redirect http to https
    By rwjblue in forum Administrators
    Replies: 31
    Last Post: 10-13-2010, 12:44 AM
  2. Redirect to https!
    By celeron in forum Administrators
    Replies: 2
    Last Post: 03-10-2007, 12:03 PM
  3. Switching From Https to Http Protocol in JSP
    By Shyam in forum Administrators
    Replies: 1
    Last Post: 10-10-2006, 06:58 AM
  4. Changing browser access from HTTPS to Both HTTPS and HTTP
    By kelley.ch in forum Administrators
    Replies: 5
    Last Post: 09-18-2006, 11:50 PM
  5. HTTPS Is Working, HTTP Not Working
    By uh-nu-bu in forum Installation
    Replies: 12
    Last Post: 11-09-2005, 06:58 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •