Project

General

Profile

Actions

Feature #24763

open

Force SSL when Setting.protocol is "https"

Added by Aleksandar Pavic about 7 years ago. Updated 7 months ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
Administration
Start date:
Due date:
% Done:

0%

Estimated time:
Resolution:

Description

Forcing SSL is important, and some enterprise environment can't be used if they aren't forcing the SSL due to security standards and best practices.

Redmine's Administration | Settings offers HTTPS as an option, but choosing it does nothing.

Editing the config/settings.yml and changing protocol from default: http
to https does nothing also

However placing the

config.force_ssl = true

in config/application.rb do work and do force SSL

So I'm not sure is it a defect or a feature request, but I'm posting it as a defect.

My Redmine info:

Environment:
  Redmine version                3.3.1.stable
  Ruby version                   2.1.4-p265 (2014-10-27) [x86_64-linux]
  Rails version                  4.2.7.1
  Environment                    production
  Database adapter               Mysql2


Files

redminessl.png (9.56 KB) redminessl.png Aleksandar Pavic, 2017-01-05 08:52
redmine_https.png (24.7 KB) redmine_https.png Aleksandar Pavic, 2020-04-18 09:08
https_always.png (14.8 KB) https_always.png Aleksandar Pavic, 2020-04-18 09:10
clipboard-202308221333-re9zw.png (7.88 KB) clipboard-202308221333-re9zw.png Redmine Version Information Sheng Ze Fan, 2023-08-22 07:33
clipboard-202308221336-rlpbe.png (6.43 KB) clipboard-202308221336-rlpbe.png config/settings.yml Sheng Ze Fan, 2023-08-22 07:36
clipboard-202308221338-bjris.png (65.5 KB) clipboard-202308221338-bjris.png config/application.rb Sheng Ze Fan, 2023-08-22 07:38

Related issues

Related to Redmine - Feature #2579: Configure SSL schema for "private" actions.Closed2009-01-25

Actions
Related to Redmine - Feature #3804: Authentication over HTTPSNew2009-09-02

Actions
Actions

Also available in: Atom PDF