Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Your browser sent a request that this server could not understand.
Reason: You're speaking plain HTTP to an SSL-enabled server port.
Instead use the HTTPS scheme to access this URL, please.
IE just has a white page.
Now if I take the reverseproxy out of the equation, IE will take you back to the login screen, FF wont even load it w/o some about:config mods to allow low encryption but thats not important.
well i'd suggest working on the acutal problem you have... if a link says https:// but you end up on http:// then something is seriously screwed. take that original url and run (for example) "wget -vk https://thaturlhere.com" and see what that actually retruns. for you to end up on aan http connection from that you'd need to be getting something like an http 302 redirection message from it, there's no other point in the process which has the right to change the address.
Look at the files in "/var/log/apache2". The "ssl_engine.log" file should have good debugging information about what is happening. The other logs will also be informative.
That would certainly be the first fix, but it's not as cut and dry as it may seem.
The app runs on an AS400, and I have no rights on that box. The app is very old and in need of desperate upgrading and Apache Reverse proxy was the band aid until the app was upgraded. It runs 40 Bit encryption and FF 2.x and IE7 (on vista) choke at that bit level.
IE 7 on XP and below never even cough at the low levels of encryption.
The Logout script is running but it's being redirected somewhere on the backend.
In the interim, I've copied snippets from the vhost file and supplied info about the server environment
Running Ubuntu 6.06-1 LTS
Server version: Apache/2.0.55
Server built: Aug 16 2007 22:20:04
mod-proxy-html
libapahce-mod-ssl
ports.conf listens on 80 and 443
Your httpd.conf (or apache.conf) will show you where to look for your logs. Mine are in "/var/log/apache". If you cannot find your logs by reading your configuration file, use the "find" command starting in "/".
If you are not looking at your Apache logs to debug this problem, you are ignoring a valuable debugging tool.
This has been quite since I've been out of the office for a while. I've turned on Debug for the HTTPS site and get the following error when logging out.
[Fri Jan 04 16:28:51 2008] [debug] /build/buildd/apache2-2.0.55/build-tree/apache2/modules/ssl/ssl_engine_kernel.c(1775): OpenSSL: Exit: error in SSLv2/v3 read client hello A
[Fri Jan 04 16:28:51 2008] [info] SSL handshake failed: HTTP spoken on HTTPS port; trying to send HTML error page
[Fri Jan 04 16:28:51 2008] [info] SSL Library Error: 336027804 error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request speaking HTTP to HTTPS port!?
I realize this is bad coding as I originally mentioned but I have no rights to change the code and don't know if I can get approval to do so.
Back to my original question, I'd like to run the rewrite module and have the link rewritten/rerouted via apache modules.
You'll have to create two separate vhosts, one for host:80 and another for host:443. Then you'll need to create the certificate for host:443 and add the directives in the host.443.conf file. Then you can add the Redirect / host:443 in the host.80.conf file. Each new ssl host:443 vhost has to have a separate certificate and each of their corresponding host:80 can redirect to the ssl vhost.
Well I can mark this one solved. It was a combination of a few things, primarily to the fact that apache 2.0.5 didnt work well as a reverse proxy but apache 2.2.3 worked like a champ.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.