On 7/16/07, Van Der Hart, Kevin <kvanderhart@xxxxxxxxxxxxxx> wrote:
We are terminating an SSL session on a load balancer in front of an Apache web server. Things work fine except for a few portions of the app running behind Apache (compiled 3rd party program which we have no source access to) sends some 302 redirect responses with a location header that has http instead of https. If the request to Apache is https the app can tell and will send https redirects but since Apache is only doing http, that's all it returns for the redirects. I know how to add, set, and unset headers with mod_header. Is it possible to check for the location header and if it exists with http://host1.domain.com/... change it to https://host1.domain.com/... for all response headers?
I doubt that mod_headers is going to be able to modify Location. However, although I haven't tried it, you might be able to fix this with the (unfortunately undocumented) Protocol directive: ServerName host1.domain.com:443 Protocol https UseCanonicalName On Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|