RE: SetEnv HTTPS on... not working. (UNCLASSIFIED)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Classification:  UNCLASSIFIED 
Caveats: NONE

Does this http://httpd.apache.org/docs/2.0/ssl/ssl_faq.html#relative work for you?

---
Dwight Victor (Contractor), CISSP, RHCT, SCSECA
DISA-PAC EMSS Gateway Hawaii
EMAIL: dwight.victor.ctr@xxxxxxxx
TEL:   (808) 653-3677 ext 229 

-----Original Message-----
From: Mxrgus Pxrt [mailto:margus@xxxxxxxx] 
Sent: Sunday, December 12, 2010 4:28 PM
To: users@xxxxxxxxxxxxxxxx
Subject: Re:  SetEnv HTTPS on... not working.

Hey!

I did not mean that I want HTTP to HTTPS transparency (although, I can't 
see how do they differ to end application - communication from client to 
server is over SSL with HTTPS + few additional environmental values - 
should not affect end app).

I'll try to explain, what I ment with an example:

Components:
- client
- SSL offloader (Apache)
- Backend server (Apache)


Now client makes query to https://example.com. Backend server requeries 
that HTTPS on or redirect to there is done. Code example below:

RewriteCond %{HTTPS} !=on
RewriteRule (.*)      https://example.com/$1 [L,R=301]


(But this does not work, as query comes to port 80 over HTTP from SSL 
offloader and infinite loop is created.)


I know, I could write headers from SSL offloader and check in backend 
server (or even do this in SSL offloader):

RewriteCond %{HTTP:HTTPS} !=on
RewriteRule (.*)      https://example.com/$1 [L,R=301]


But I am stubborn and want to know, how to overwrite this value (or 
answer, that it's not possible because of ...).


Br,
Margus




On 12/11/2010 04:46 PM, Jeroen Geilman wrote:
> On 12/10/10 12:55 PM, Mxrgus Pxrt wrote:
>> I have SSL offloader, what checks wheather user came using HTTP or 
>> HTTPS (sends accordingly header.)
>>
>> As I want it to be transparent to application and available to 
>> .htaccess, I use apaches values. I want to overwrite them.
>
> Switching from HTTP to HTTPS cannot be transparent. ever.
>


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx

Classification:  UNCLASSIFIED 
Caveats: NONE

Attachment: smime.p7s
Description: S/MIME cryptographic signature

[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux