Defect #24880

Documentation for enabling HTTPS is not clear

Added by Jonathan Schneider almost 5 years ago. Updated over 4 years ago.

Status:ClosedStart date:
Priority:NormalDue date:
Assignee:-% Done:

0%

Category:Documentation
Target version:-
Resolution:Wont fix Affected version:3.2.2

Description

I have been running Remine for years, updated it several times with no trouble, experience of configuring Apache and of creating keys and certificates but NOT of Ruby and Rails as a programmer.

I have just installed the server key and certificate and they are fine and https works. But the links within Redmine are http.

I gather from random pages that RequestHeader set X_FORWARDED_PROTO 'https' is good and that does indeed change the problem.

But both the http and https services are on non-standard ports not least as that makes my "redmine" user need no privileges (with a little DNAT).

Now the links are https which is good but not to the actual https port. I gather tweaking ssl_option is in in order and changed the line in my configuration.rb so it said

@ssl_options = { port : 8443 }

but obviously the syntax wasn't right.

Please could the documentation be fixed with a complete guide on HTTPS setup particularly where non-standard (TCP) ports are used. I have found mentions in the forums but it hasn't helped me.

It would be reasonable to assume the business of preparing keys and certificates and dealing with Apache is documented elsewhere many times over.

Thank you.


Related issues

Related to Redmine - Defect #25577: Fixing wrong hyphenization on FAQ-Page for RequestHeader Closed

History

#1 Updated by Toshi MARUYAMA almost 5 years ago

  • Status changed from New to Closed

Redmine is Rails app and does not depend any Webserver (Apache, Thin, Puma etc.).
So there is no way to document it.

#2 Updated by Jonathan Schneider almost 5 years ago

So it's a Rails problem ?

#3 Updated by Toshi MARUYAMA almost 5 years ago

  • Resolution set to Wont fix

#4 Updated by Cheyenne Wills over 4 years ago

It appears that Ruby Rails 4 is more picky on the headers now. We had:

RequestHeader set X_FORWARDED_PROTO "https" 

in our proxy apache config. This needed to be changed to
RequestHeader set X-Forwarded-Proto "https" 

We also had a utility that was using the rest api break because there was a small error in one of the headers that started to get a 400 invalid header response.

#5 Updated by Toshi MARUYAMA over 4 years ago

  • Related to Defect #25577: Fixing wrong hyphenization on FAQ-Page for RequestHeader added

Also available in: Atom PDF