I’ve just completed a migration from our ancient RT 3.8.8 install to a
shiny new 4.2.12 install (using the Fedora packages). Everything went
smoothly except for a few Selinux issues (relating to a domain
transition between the MTA and rt-mailgate) which I’m working out with
the Fedora selinux folks.
There’s one issue which I’ve not yet manage to figure out, however. I’m
afraid it must be a FAQ but I can’t find any solution which applies. My
web server is configured to redirect any http access to the
corresponding https: URL and RT itself is only configured to use port
443. However, immediately after login, RT itself issues a redirect that
sends the user to an http: URL. This is of course immediately directed
back to https: by the web server, but when that happens I see the
following:
[warning]: The requested port (80) does NOT match the configured WebPort (443). Perhaps you should Set($WebPort, 80); in RT_SiteConfig.pm, otherwise your internal links may be broken. (/usr/share/perl5/vendor_perl/RT/Interface/Web.pm:1308
So far this is merely annoying; everything seems to function properly.
But I simply cannot figure out any way to keep RT from redirecting the
user to an http: URL after login. I’ve played with
$CanonicalizeRedirectURLs and $WebBaseURL but they seem to make no
difference in this case. $WebPort is set to 443 as indicated in the
message.
Is there some magical configuration setting I’m missing, or have I
perhaps messed something else up?
Someone may later say this is incorrect, but in my config, my web port is
still 80. I have:
Set($WebBaseURL,
‘https://’
. RT->Config->Get(‘WebDomain’)
);
Then I used Apache mod_rewrite:
RewriteEngine On
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^.*$ https://rt.domain.com/%{REQUEST_URI} [L,R]On Wed, Sep 23, 2015 at 3:50 PM, Jason L Tibbitts III tibbs@math.uh.edu wrote:
I’ve just completed a migration from our ancient RT 3.8.8 install to a
shiny new 4.2.12 install (using the Fedora packages). Everything went
smoothly except for a few Selinux issues (relating to a domain
transition between the MTA and rt-mailgate) which I’m working out with
the Fedora selinux folks.
There’s one issue which I’ve not yet manage to figure out, however. I’m
afraid it must be a FAQ but I can’t find any solution which applies. My
web server is configured to redirect any http access to the
corresponding https: URL and RT itself is only configured to use port
443. However, immediately after login, RT itself issues a redirect that
sends the user to an http: URL. This is of course immediately directed
back to https: by the web server, but when that happens I see the
following:
[warning]: The requested port (80) does NOT match the configured WebPort
(443). Perhaps you should Set($WebPort, 80); in RT_SiteConfig.pm,
otherwise your internal links may be broken.
(/usr/share/perl5/vendor_perl/RT/Interface/Web.pm:1308
So far this is merely annoying; everything seems to function properly.
But I simply cannot figure out any way to keep RT from redirecting the
user to an http: URL after login. I’ve played with
$CanonicalizeRedirectURLs and $WebBaseURL but they seem to make no
difference in this case. $WebPort is set to 443 as indicated in the
message.
Is there some magical configuration setting I’m missing, or have I
perhaps messed something else up?
“MB” == Matt Brennan brennanma@gmail.com writes:
MB> Someone may later say this is incorrect, but in my config, my web
MB> port is still 80. I have:
If I switch it around I get the opposite complaint.
MB> Then I used Apache mod_rewrite:
I just do a redirectmatch.
RedirectMatch permanent ^$ https://XXX/
RedirectMatch permanent ^/(.*) https://XXX/$1
This is on a virtualhost that listens on port 80 and serves no RT
content. The virtualhost which serves RT listens only on port 443.
I suppose there’s a possibility that RT just doesn’t like that kind of
thing, but I still don’t see how any of this would cause RT to redirect
to an http URL after someone has logged into the site.
I’ll keep poking at it. Maybe I do need to set WebBaseURL or WebURL,
though the documentation explicitly says that I shouldn’t need to do so.