Environment
Retain Unified Archiving 4.0+
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 15
SUSE Linux Enterprise Server 15
Situation
Want to force/redirect all traffic to use TLS/SSL when logging into Retain
Resolution
If Apache is not setup for TLS please follow this TID:
To redirect all traffic to use TLS:
1. Change directories to /usr/lib64/apache2/ and make sure the file mod_rewrite.so is there.
note: if mod_rewrite.so is not present, run the command: a2enmod rewrite
2. Change directories to /etc/sysconfig and use an editor to open the apache2 file.
3. Once apache2 is open, find the APACHE_MODULES= line and make sure rewrite is somewhere within the quotes.
note: if rewrite is not there then add it. Just has to be the word rewrite, NOT the module name mod_rewrite.so
4. Change directories to /etc/apache2 and open the httpd.conf file with a text editor.
5. Go to the bottom of the file and add these lines:
RewriteEngine on
Rewritecond %{SERVER_PORT} ^80$
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
note: there is a space between {SERVER_PORT} and ^80$
6. Save file and exit.
7. Restart apache2: SLES 11: rcapache2 restart
SLES 12/15: systemctl restart apache2.service
8. Try hitting the your retain server with http and make sure it redirects to https.
NOTE: It is usually best practice to change to Retain worker configuration to always use HTTPS when communicating with the Retain server. This avoids relying on the Apache rewrite module to change the URL of each of the numerous requests from the worker. This is configured by changing the Server Protocol in the RetainServer web administration -> Workers -> Connection tab.