Environment
Retain 1.x+
SLES 10, 11
Apache 2.x
Situation
When using Apache 2.x on SLES, what is the proper procedure for forcing non-encrypted requests on port 80 to SSL port 443?
Resolution
NOTE: You should have SSL configured before continuing on. Information on how to enable SSL on Apache SLES can by found at: https://support.microfocus.com/kb/doc.php?id=
7020434 |
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
The first entry in the Apache Configuration File enables Apache's mod_rewrite module. The second entry instructs Apache to fire the below rule if the request is destined to any port except 443. The final entry is the redirection rule which changes the URL of requests to HTTPS if not destined to port 443.
NOTE: After applying this rule, Apache will only redirect the request if it is listening on the destination port. The Apache listen ports are configured in /etc/apache2/listen.conf.
After you have added this rule, make sure to restart Apache.
Please see Apache's mod_rewrite documentation for all other rewrite rule options and parameters.
NOTE: It is usually best practice to change to Retain worker configuration to always use HTTPS when communicating with the Retain server. This avoids relying on the Apache rewrite module to change the URL of each of the numerous requests from the worker. This is configured by changing the Server Protocol in the RetainServer web administration -> Workers -> Connection tab.
The bootstrap will need to be re-uploaded for this change to take effect. Instructions on how to re-upload the bootstrap can be found here.
Additional Information
This article was originally published in the GWAVA knowledgebase as article ID 1994.