https://www.redmine.org/https://www.redmine.org/favicon.ico?16793021292008-04-29T18:35:34ZRedmineRedmine - Defect #1145: https - not all links use https but httphttps://www.redmine.org/issues/1145?journal_id=25112008-04-29T18:35:34ZDaniel N
<ul></ul><p>I searched the bugs on redmine.org and found <a class="issue tracker-1 status-5 priority-4 priority-default closed" title="Defect: URLs in emails do not use HTTPS when appropriate (Closed)" href="https://www.redmine.org/issues/157">#157</a> which seems to have related effects but for emails.</p> Redmine - Defect #1145: https - not all links use https but httphttps://www.redmine.org/issues/1145?journal_id=25152008-04-29T22:53:20ZEric Davis
<ul></ul><p>This is all based on your Apache settings. The "protocol" and "hostname" in the administration setting are only for email. Check to make sure you have your Apache with the following line:</p>
<pre>
RequestHeader set X_FORWARDED_PROTO 'https'
</pre>
<p>That tells Redmine and mongrel that https is used.</p>
<p>Full configuration file from my old Apache:</p>
<pre>
<VirtualHost *:80>
ServerName projects.littlestreamsoftware.com
RewriteEngine On
# Redirect any non HTTPS requests to the HTTPS server
RewriteCond %{HTTP_HOST} ^projects.littlestreamsoftware.com$ [NC]
RewriteRule ^(.*)$ https://projects.littlestreamsoftware.com$1 [R=301,L]
Include /etc/apache2/common/hide-svn
Include /etc/apache2/common/deflate
</VirtualHost>
NameVirtualHost *:443
<VirtualHost *:443>
SSLEngine on
SSLCertificateFile /etc/apache2/apache.pem
RequestHeader set X_FORWARDED_PROTO 'https'
ServerAdmin webmaster@localhost
RewriteEngine On
DocumentRoot /home/websites/projects.littlestreamsoftware.com/current/public
<Directory "/home/websites/projects.littlestreamsoftware.com/current/public">
Options FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
<Proxy balancer://redmine_cluster>
BalancerMember http://127.0.0.1:12000
</Proxy>
ProxyPass / balancer://redmine_cluster/
ProxyPassReverse / balancer://redmine_cluster/
# These directories should always be served up by Apache, since they contain static content. Or just let rails do it.
ProxyPass /images !
ProxyPass /stylesheets !
ProxyPass /javascripts !
ProxyPass /favicon.ico !
# Uncomment for rewrite debugging
# RewriteLog /tmp/myapp_rewrite_log
# RewriteLogLevel 9
# Check for maintenance file and redirect all requests
RewriteCond %{DOCUMENT_ROOT}/system/maintenance.html -f
RewriteCond %{SCRIPT_FILENAME} !maintenance.html
RewriteRule ^.*$ /system/maintenance.html [L]
# Rewrite index to check for static
RewriteRule ^/$ /cache/index.html [QSA]
# Rewrite to check for Rails cached page
RewriteRule ^([^.]+)$ /cache/$1.html [QSA]
# Redirect all non-static requests to cluster
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
RewriteRule ^/(.*)$ balancer://redmine_cluster%{REQUEST_URI} [P,QSA,L]
ErrorLog /var/log/apache2/error.log
CustomLog /var/log/apache2/admin-access.log combined
ServerSignature Off
Include /etc/apache2/common/hide-svn
Include /etc/apache2/common/deflate
</VirtualHost>
</pre> Redmine - Defect #1145: https - not all links use https but httphttps://www.redmine.org/issues/1145?journal_id=25182008-04-30T07:17:35ZDaniel N
<ul><li><strong>Status</strong> changed from <i>New</i> to <i>Resolved</i></li></ul><p>Hi Eric,<br />thank you very much! I suspected the settings but you were right. It was mod_proxy and the missing header for https.</p> Redmine - Defect #1145: https - not all links use https but httphttps://www.redmine.org/issues/1145?journal_id=25212008-04-30T08:52:27ZJean-Philippe Langjp_lang@yahoo.fr
<ul><li><strong>Status</strong> changed from <i>Resolved</i> to <i>Closed</i></li><li><strong>Target version</strong> set to <i>0.7.1</i></li><li><strong>Resolution</strong> set to <i>Fixed</i></li></ul><p>Home, Logout, Login links are fixed in <a class="changeset" title="Fixed: Home, Logout, Login links are absolute (#1122, #1145)." href="https://www.redmine.org/projects/redmine/repository/svn/revisions/1384">r1384</a>.<br />They have now relative urls.</p> Redmine - Defect #1145: https - not all links use https but httphttps://www.redmine.org/issues/1145?journal_id=27882008-05-16T18:50:21ZRobert Cerny
<ul><li><strong>Status</strong> changed from <i>Closed</i> to <i>Reopened</i></li></ul><p>Hi,<br />I installed version 1424 today and it looks like the Login/Logout/Account paths are still absolute... At least on my install while browsing <a class="external" href="http://localhost:3000">http://localhost:3000</a> I get <a class="external" href="http://192.168.1.10:3000/">http://192.168.1.10:3000/</a> after trying to login</p> Redmine - Defect #1145: https - not all links use https but httphttps://www.redmine.org/issues/1145?journal_id=28112008-05-18T16:55:54ZJean-Philippe Langjp_lang@yahoo.fr
<ul><li><strong>Target version</strong> deleted (<del><i>0.7.1</i></del>)</li></ul><p>Robert: could you attach the full html content of the home page please ?</p> Redmine - Defect #1145: https - not all links use https but httphttps://www.redmine.org/issues/1145?journal_id=28252008-05-19T14:01:18ZRobert Cerny
<ul><li><strong>File</strong> <a href="/attachments/538">index.html</a> <a class="icon-only icon-download" title="Download" href="/attachments/download/538/index.html">index.html</a> added</li></ul><p>Enclosed please find attached html file. You didn't provide much details which page should I attach, so it's home page after successful login. My browser swaps to ip address when clicking Sign out. Could redirect_back_or_default method be involved there??</p> Redmine - Defect #1145: https - not all links use https but httphttps://www.redmine.org/issues/1145?journal_id=28332008-05-20T08:51:30ZRobert Cerny
<ul></ul><p>Well,<br />it looks like the problem was in the configuration of my server. All is working now.</p> Redmine - Defect #1145: https - not all links use https but httphttps://www.redmine.org/issues/1145?journal_id=29542008-05-25T11:46:25ZJean-Philippe Langjp_lang@yahoo.fr
<ul><li><strong>Status</strong> changed from <i>Reopened</i> to <i>Closed</i></li><li><strong>Resolution</strong> changed from <i>Fixed</i> to <i>Invalid</i></li></ul><p>OK, thanks for the feedback Robert.</p> Redmine - Defect #1145: https - not all links use https but httphttps://www.redmine.org/issues/1145?journal_id=44392008-08-21T13:13:38ZToni Kerschbaum
<ul><li><strong>Status</strong> changed from <i>Closed</i> to <i>Reopened</i></li></ul><p>Is it possible that if "Authentication required" is enabled, the redirect goes to <a class="external" href="http://,">http://,</a> regardless if the URI used is for instance <a class="external" href="http://www.redmine.org">http://www.redmine.org</a> or <a class="external" href="https://secure.redmine.org">https://secure.redmine.org</a>?</p>
<p>In my case, I have Apache serving Redmine with standard <a class="external" href="http:// access">http:// access</a> from the Intranet, but SSL/https:// access for clients from untrusted networks. Can this be done even? So far, everything works fine, except the issue described above.</p> Redmine - Defect #1145: https - not all links use https but httphttps://www.redmine.org/issues/1145?journal_id=44422008-08-21T13:22:38ZToni Kerschbaum
<ul></ul><p>The solution described by Eric Davis in reply No. 2 fixes my problem - it's working now :)</p> Redmine - Defect #1145: https - not all links use https but httphttps://www.redmine.org/issues/1145?journal_id=52872008-10-25T04:55:18ZEric Davis
<ul><li><strong>Status</strong> changed from <i>Reopened</i> to <i>Closed</i></li></ul><p>Closing, issue caused by Apache configuration.</p>