[SOLVED] Trac over SSL

XML, Perl, Python, and other languages can be discussed here, even if it isn't PHP (We might forgive you).

Moderator: General Moderators

Post Reply
User avatar
Chris Corbyn
Breakbeat Nuttzer
Posts: 13098
Joined: Wed Mar 24, 2004 7:57 am
Location: Melbourne, Australia

[SOLVED] Trac over SSL

Post by Chris Corbyn »

I've set trac up many times before from package managers under linux but this time I had to do it on an ArchLinux box. It was relatively painless and Trac is now running but there is one minor issue.

I've never set Trac up to run over HTTPS before so this probably affects all Trac installations in this fashion. I'm running on port 445 over HTTPS (I've used port 445 because we need to target one server through a gateway to a cluster of servers). It works BUT after editting a wiki page it tries to redirect, presumably in order to prevent the back button causing issues and when it redirects it sends me to http://server/path. I need to stay under HTTPS all the time :( Anybody had this issue before or know enough python to suggest a fix? :)
Last edited by Chris Corbyn on Wed Oct 11, 2006 4:08 pm, edited 1 time in total.
User avatar
Chris Corbyn
Breakbeat Nuttzer
Posts: 13098
Joined: Wed Mar 24, 2004 7:57 am
Location: Melbourne, Australia

Post by Chris Corbyn »

Just thinking; this is only for internal use so I'd be happy with a server-level redirect. Off the top of their head does anybody know how to configure apache to do this redirect?

Code: Select all

http://project.domain.tld:445/any/path/here?args --> https://project.domain.tld:445/any/path/here?args
?
User avatar
Weirdan
Moderator
Posts: 5978
Joined: Mon Nov 03, 2003 6:13 pm
Location: Odessa, Ukraine

Post by Weirdan »

mod_rewrite?
User avatar
Chris Corbyn
Breakbeat Nuttzer
Posts: 13098
Joined: Wed Mar 24, 2004 7:57 am
Location: Melbourne, Australia

Post by Chris Corbyn »

Weirdan wrote:mod_rewrite?
I've been trying for ages and it just seems to be totally ignoring my rule :? :(

Code: Select all

<VirtualHost *:445>
    ServerName XXXXX.hidden
    DocumentRoot /home/httpd/secure/iris-project
    ScriptAlias /trac /home/httpd/secure/iris-project/htdocs/cgi-bin/trac.cgi

    RewriteEngine On
    RewriteCond %{HTTPS} !=on
    RewriteRule ^(.*) https://%{SERVER_NAME}:445/$1 [R,L]

    <Location "/trac">
        SetEnv TRAC_ENV "/home/httpd/secure/iris-project"
    </Location>
    <Location /svn>
        DAV svn
        SVNPath /home/svn/iris
        SVNAutoVersioning On
        AuthType Basic
        AuthName "IRIS SVN Repository"
        AuthUserFile /home/svn/conf/svnusers
        Require valid-user
    </Location>
</VirtualHost>
User avatar
Chris Corbyn
Breakbeat Nuttzer
Posts: 13098
Joined: Wed Mar 24, 2004 7:57 am
Location: Melbourne, Australia

Post by Chris Corbyn »

Hmm... the reason it ignores the rewrite is because the error it creates is a 400 error as it's expecting SSL:
Bad request!




Your browser (or proxy) sent a request that
this server could not understand.



If you think this is a server error, please contact
the webmaster.



Error 400


localhost.localdomain


Wed Oct 11 05:40:11 2006

Apache
I'll have to get both SSL and non-SSL working on port 445 for this work won't I?
User avatar
Chris Corbyn
Breakbeat Nuttzer
Posts: 13098
Joined: Wed Mar 24, 2004 7:57 am
Location: Melbourne, Australia

Post by Chris Corbyn »

Doh! This was such an obvious fix. Since I'm running it over CGI I needed to have:

SetEnv HTTPS 1

in httpd.conf for this VirtualHost so that Trac could see we're using HTTPS. Working fine now :)
Post Reply