General discussion on installation and configuration of SOGo

Text archives Help


[SOGo] sogo redirects to http instead of https


Chronological Thread 
  • From: "mj" ( ) < >
  • To:
  • Subject: [SOGo] sogo redirects to http instead of https
  • Date: Wed, 30 Nov 2016 12:05:43 +0100
  • Dmarc-filter: OpenDMARC Filter v1.2.0 mail.inverse.ca E6B8211A544D

Hi,

Our apache2 SOGo.conf seems to be configured correctly, but after authentication, we are redirected to http instead of https.

Specific SOGo.conf lines:
RequestHeader set "x-webobjects-server-port" "443"
RequestHeader set "x-webobjects-server-name" "sogo3.company.com"
env=HTTP_HOST
RequestHeader set "x-webobjects-server-url" "https://sogo3.company.com";
env=HTTP_HOST

Why would I be redirected to http, instead of https?
(also for some popups within the SOGo gui)

Complete SOGo.conf:

Alias /SOGo.woa/WebServerResources/ \
/usr/lib/GNUstep/SOGo/WebServerResources/
Alias /SOGo/WebServerResources/ \
/usr/lib/GNUstep/SOGo/WebServerResources/

<Directory /usr/lib/GNUstep/SOGo/>
AllowOverride None

<IfVersion < 2.4>
Order deny,allow
Allow from all
</IfVersion>
<IfVersion >= 2.4>
Require all granted
</IfVersion>

# Explicitly allow caching of static content to avoid browser specific
behavior.
# A resource's URL MUST change in order to have the client load the new
version.
<IfModule expires_module>
ExpiresActive On
ExpiresDefault "access plus 1 year"
</IfModule>
</Directory>

## Uncomment the following to enable proxy-side authentication, you will then
## need to set the "SOGoTrustProxyAuthentication" SOGo user default to YES and
## adjust the "x-webobjects-remote-user" proxy header in the "Proxy" section
## below.
#
## For full proxy-side authentication:
#<Location /SOGo>
# AuthType XXX
# Require valid-user
# SetEnv proxy-nokeepalive 1
# Allow from all
#</Location>
#
## For proxy-side authentication only for CardDAV and GroupDAV from external
## clients:
#<Location /SOGo/dav>
# AuthType XXX
# Require valid-user
# SetEnv proxy-nokeepalive 1
# Allow from all
#</Location>

ProxyRequests Off
SetEnv proxy-nokeepalive 1
ProxyPreserveHost On

# When using CAS, you should uncomment this and install cas-proxy-validate.py
# in /usr/lib/cgi-bin to reduce server overloading
#
# ProxyPass /SOGo/casProxy http://localhost/cgi-bin/cas-proxy-validate.py
# <Proxy http://localhost/app/cas-proxy-validate.py>
# Order deny,allow
# Allow from your-cas-host-addr
# </Proxy>

# Enable to use Microsoft ActiveSync support
# Note that you MUST have many sogod workers to use ActiveSync.
# See the SOGo Installation and Configuration guide for more details.
#
ProxyPass /Microsoft-Server-ActiveSync \
http://127.0.0.1:20000/SOGo/Microsoft-Server-ActiveSync \
retry=60 connectiontimeout=5 timeout=360

ProxyPass /SOGo http://127.0.0.1:20000/SOGo retry=0

<Proxy http://127.0.0.1:20000/SOGo>
## adjust the following to your configuration
## and do not forget to enable the headers module
<IfModule headers_module>
RequestHeader set "x-webobjects-server-port" "443"
RequestHeader set "x-webobjects-server-name" "sogo3.company.com"
env=HTTP_HOST
RequestHeader set "x-webobjects-server-url" "https://sogo3.company.com";
env=HTTP_HOST

## When using proxy-side autentication, you need to uncomment and
## adjust the following line:
RequestHeader unset "x-webobjects-remote-user"
# RequestHeader set "x-webobjects-remote-user" "%{REMOTE_USER}e"
env=REMOTE_USER

RequestHeader set "x-webobjects-server-protocol" "HTTP/1.0"
</IfModule>

AddDefaultCharset UTF-8

Order allow,deny
Allow from all
</Proxy>

# For Apple autoconfiguration
<IfModule rewrite_module>
RewriteEngine On
RewriteRule ^/.well-known/caldav/?$ /SOGo/dav [R=301]
RewriteRule ^/.well-known/carddav/?$ /SOGo/dav [R=301]
</IfModule>


MJ



Archive powered by MHonArc 2.6.18.

Top of page