How to redirect apache to TLS/SSL for Retain

  • 7024645
  • 27-May-2020
  • 27-May-2020


Retain Unified Archiving 4.0+

SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 15


Want to force/redirect all traffic to use TLS/SSL when logging into Retain


If Apache is not setup for TLS please follow this TID:

To redirect all traffic to use TLS:

1. Change directories to /usr/lib64/apache2/ and make sure the file is there.
note: if is not present, run the command: a2enmod rewrite

2. Change directories to /etc/sysconfig and use an editor to open the apache2 file.

3. Once apache2 is open, find the APACHE_MODULES= line and make sure rewrite is somewhere within the quotes.
note: if rewrite is not there then add it. Just has to be the word rewrite, NOT the module name

4. Change directories to /etc/apache2 and open the httpd.conf file with a text editor.

5. Go to the bottom of the file and add these lines:
RewriteEngine on 
Rewritecond %{SERVER_PORT} ^80$ 
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

note: there is a space between {SERVER_PORT} and ^80$

6. Save file and exit.

7. Restart apache2:  SLES 11: rcapache2 restart
                                SLES 12/15: systemctl restart apache2.service

8. Try hitting the your retain server with http and make sure it redirects to https.

NOTE: It is usually best practice to change to Retain worker configuration to always use HTTPS when communicating with the Retain server.  This avoids relying on the Apache rewrite module to change the URL of each of the numerous requests from the worker.  This is configured by changing the Server Protocol in the RetainServer web administration -> Workers -> Connection tab.