Redirect to http port 443 after login

I don’t think that’s the cause. I’ve tried setting only WebBaseURL and WebURL in to ‘https://hostname’, setting only WebPort to 443 and WebDomain commenting out the other Web*URL settings, the result is the same, immediately after a POST the app is sending 301 to HTTP to the client, ignoring these settings

I copied the from our live server (apache) to the dev and just changed “rt” to “rt-dev”, cleaned the mason cache and afterwards tried it. Still the same problem.
Afterwards I cleaned up the configuration of the Web* Stuff to the bare minimum, like you can see on the screenshot. No change.

I also tried just setting ‘$WebBaseURL’ and ‘$WebURL’ (which defaults ‘WebPort’ to 80) and still got the same problem.

Any news on this issue? Any one from Best Practical monitoring?

sadly nothing new from me, still got the problem.
My plan for today is double checking everything again and then open a ticket at best practical directly, including the necessary config files etc. Maybe I get a hint whats going wrong (or the confirmation that there’s a bug in the RT) that way.

In your nginx config there is a fcgi.include ? check to see if this parameter is set for your https server section

fastcgi_param HTTPS on;

Right now there is no fcgi.include. But I will take a look around for that topic and add one. its at least a new approach.

Besides that, like already mentioned I contacted best Practical directly. The answer was a little disapointing but absolutly understandable. They said that one of the devs is already aware of the topic, but in order to track this down further, they would have to setup a new test vm etc. This is beyond what they offer for free support.

Drop HTTP support or redirect to HTTPS everything, it make life simpler now days where you can auto issues certs with lets encrypt. I’m working with nginx for years now, w/o any problems, if you like I can share my config.

I already adjusted my Nginx config that it redirects everything from http to https. Just the RT fcgi server seems to have a problem here. The initial tcpdump was done between fcgi and nginx.
Sharing your config would be great. Maybe I notice a difference that helps me to track down the problem.

Here you go, I hope it will help

1 Like

got no time until today to work on this again.
I got the files, but im still missing something here (most likely understanding). How do you start the fcgi instances with the given files?

Btw, I dropped the complete rt folder and database and started with a (somewhat) clean install again, in order to minimize the space for errors. The RT-Siteconfig is also reduced to the necessary minimum.

I’m using systemd with sockets for that.

e.g if you need 4 instances of rt-server to just enable and start them like this,

for i in {1..4} 
   do systemctl enable --now rt-server@$i.service rt-server@$i.socket

and in the nginx config i have a block like this

upstream rt_backend {
    server unix:/run/rt-server-1.sock;
    server unix:/run/rt-server-2.sock;
    server unix:/run/rt-server-3.sock;
    server unix:/run/rt-server-4.sock;

I used to do that with supervisord but now I’m trying systemd, and it seem to work well for now. I had few cased were rt-server crashed and for some reason systemd didn’t restart the server again, and I had to manually clear the socket files and restart the service.