How to redirect apache to TLS/SSL for Retain

  • 7024645
  • 27-May-2020
  • 27-May-2020

Environment

Retain Unified Archiving 4.0+

SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 15

Situation

Want to force/redirect all traffic to use TLS/SSL when logging into Retain

Resolution

If Apache is not setup for TLS please follow this TID:


To redirect all traffic to use TLS:

1. Change directories to /usr/lib64/apache2/ and make sure the file mod_rewrite.so is there.
note: if mod_rewrite.so is not present, run the command: a2enmod rewrite

2. Change directories to /etc/sysconfig and use an editor to open the apache2 file.

3. Once apache2 is open, find the APACHE_MODULES= line and make sure rewrite is somewhere within the quotes.
note: if rewrite is not there then add it. Just has to be the word rewrite, NOT the module name mod_rewrite.so


4. Change directories to /etc/apache2 and open the httpd.conf file with a text editor.

5. Go to the bottom of the file and add these lines:
RewriteEngine on 
Rewritecond %{SERVER_PORT} ^80$ 
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

note: there is a space between {SERVER_PORT} and ^80$

6. Save file and exit.

7. Restart apache2:  SLES 11: rcapache2 restart
                                SLES 12/15: systemctl restart apache2.service

8. Try hitting the your retain server with http and make sure it redirects to https.

NOTE: It is usually best practice to change to Retain worker configuration to always use HTTPS when communicating with the Retain server.  This avoids relying on the Apache rewrite module to change the URL of each of the numerous requests from the worker.  This is configured by changing the Server Protocol in the RetainServer web administration -> Workers -> Connection tab.

 

Feedback service temporarily unavailable. For content questions or problems, please contact Support.