I don’t think that’s the cause. I’ve tried setting only WebBaseURL and WebURL in RT_SiteConfig.pm to ‘https://hostname’, setting only WebPort to 443 and WebDomain commenting out the other Web*URL settings, the result is the same, immediately after a POST the app is sending 301 to HTTP to the client, ignoring these settings
I copied the RT_SiteConfig.pm from our live server (apache) to the dev and just changed “rt” to “rt-dev”, cleaned the mason cache and afterwards tried it. Still the same problem.
Afterwards I cleaned up the configuration of the Web* Stuff to the bare minimum, like you can see on the screenshot. No change.
I also tried just setting ‘$WebBaseURL’ and ‘$WebURL’ (which defaults ‘WebPort’ to 80) and still got the same problem.
Any news on this issue? Any one from Best Practical monitoring?
Hey,
sadly nothing new from me, still got the problem.
My plan for today is double checking everything again and then open a ticket at best practical directly, including the necessary config files etc. Maybe I get a hint whats going wrong (or the confirmation that there’s a bug in the RT) that way.
In your nginx config there is a fcgi.include ? check to see if this parameter is set for your https server section
fastcgi_param HTTPS on;
Right now there is no fcgi.include. But I will take a look around for that topic and add one. its at least a new approach.
Besides that, like already mentioned I contacted best Practical directly. The answer was a little disapointing but absolutly understandable. They said that one of the devs is already aware of the topic, but in order to track this down further, they would have to setup a new test vm etc. This is beyond what they offer for free support.
Drop HTTP support or redirect to HTTPS everything, it make life simpler now days where you can auto issues certs with lets encrypt. I’m working with nginx for years now, w/o any problems, if you like I can share my config.
I already adjusted my Nginx config that it redirects everything from http to https. Just the RT fcgi server seems to have a problem here. The initial tcpdump was done between fcgi and nginx.
Sharing your config would be great. Maybe I notice a difference that helps me to track down the problem.
Here you go, I hope it will help
1 Like
Hey,
got no time until today to work on this again.
I got the files, but im still missing something here (most likely understanding). How do you start the fcgi instances with the given files?
Btw, I dropped the complete rt folder and database and started with a (somewhat) clean install again, in order to minimize the space for errors. The RT-Siteconfig is also reduced to the necessary minimum.
I’m using systemd with sockets for that.
e.g if you need 4 instances of rt-server to just enable and start them like this,
for i in {1..4}
do systemctl enable --now rt-server@$i.service rt-server@$i.socket
done
and in the nginx config i have a block like this
upstream rt_backend {
server unix:/run/rt-server-1.sock;
server unix:/run/rt-server-2.sock;
server unix:/run/rt-server-3.sock;
server unix:/run/rt-server-4.sock;
}
I used to do that with supervisord but now I’m trying systemd, and it seem to work well for now. I had few cased were rt-server crashed and for some reason systemd didn’t restart the server again, and I had to manually clear the socket files and restart the service.
I’m just going to add that I too and experiencing the same issue.
Everything set to https and on successful login, no matter what I do - it redirects me to http.
I cannot enable http -> https redirection at my frontend proxy layer (varnish) as rt isn’t the only thing it will effect.
It definitely seems to me that https is being directed to http on login by RT itself, inline with all the other comments.
Hey,
with your help and some work I managed to get it running. The login works now with https but in stead I have another problem: the Logout doesnt work anymore. If I return to the main page after logging out, I’m logged in again.
@STOIE somewhat good to hear that I’m not the only one that has this kind of problems.
I had the logout problem as well, I think it’s caching reladed, if you force a refresh with CTRL+F5 do you still logged in?
Yes. I also already experimented a little with the cache settings for Nginx, but until now no luck.
After some work I finally manged to get it running. I still belive that there is something wrong with the RT itself, but over the weeks I spend more than enough time in this topic.
Some tests with the dev system in order to make sure everything works fine, migrating the stuff and then the topic is, at least for now, done for me.
Ty again for all the help.
Hello,
I do not know if you resolve the problem with the redirect from https to http://IP:443.
But I had the same problem, and I resolved it adding “fastcgi_param HTTPS on;” to “location /” section at nginx server block.