Rt3 mail gateway and ssl

While testing an installation of rt 3 (3.0.2) I got:
[root@dhcp0 smrsh]# /opt/rt3/bin/rt-mailgate --queue general --action
correspond --url https://dhcp0/
from:test
subject:test
to:rt

wiyui yuiuy iuyi
uijoljk
.
An Error Occurred

501 Protocol scheme ‘https’ is not supported

Does this mean ssl is not supported by the mail gateway or something else?

Hi!

If you have Login via REMOTE User set to ON (so rt loggs in automatically
if it finds some login information - if you protect this dir per
.htaccess for example) und you hit LOGOUT - > you get to
NoAuth/Logout.html, but then there is a META REFRESH Set to http://RT
Url, so you alway get back to RT Front Url, and then Logged in => so you
cant logout :wink:

Help: Nuke this META REFRESH line from NoAuth/Logout.html :slight_smile:

Hermann

Hi!

=================

501 Protocol scheme ‘https’ is not supported

Does this mean ssl is not supported by the mail gateway or something else?

Try -url http://your.site.com:443. Because i have protected my site per
.httaccess file, this doesn’t work, but maybe without it does.
(Port 443 is SSL in most systems)

Hermann

501 Protocol scheme ‘https’ is not supported
Does this mean ssl is not supported by the mail gateway or something else?

Try -url http://your.site.com:443. Because i have protected my site per
.httaccess file, this doesn’t work, but maybe without it does.
(Port 443 is SSL in most systems)

Talking HTTP to port 443 does not help.

The message comes from LWP that can’t load the https protocol module,
probably because Net::SSLeay or Crypt::SSLeay hasn’t been installed
yet.

CPAN is your friend :slight_smile:

Greetings,
,eM""=. a"-. Michael van Elst
dWWMWM" - :GM==; mlelstv@dev.de.cw.net
:WWMWMw=–. “W=’ cable & wireless
9WWMm==-.
”-Wmw-" CABLE & WIRELESS

501 Protocol scheme ‘https’ is not supported
Does this mean ssl is not supported by the mail gateway or something else?

The docs say “If you intend to use SSL to secure your mail gateway, you
need to make sure that lib-www-perl, a.k.a LWP, is built with SSL
support.”

There is a separate CPAN-module that gives LWP this functionality, but I
can’t remember the name.

Kristian R�nningen krmm@nordkapp.net

501 Protocol scheme ‘https’ is not supported
Does this mean ssl is not supported by the mail gateway or something else?

Try -url http://your.site.com:443. Because i have protected my site per
.httaccess file, this doesn’t work, but maybe without it does.
(Port 443 is SSL in most systems)

Talking HTTP to port 443 does not help.

The message comes from LWP that can’t load the https protocol module,
probably because Net::SSLeay or Crypt::SSLeay hasn’t been installed
yet.

CPAN is your friend :slight_smile:

I had the same problem and after trawling the rt-{users,devel} archives I installed Net_SSLeay.pm-1.22.tar.gz but I got the same result (yes, I restarted apache.) Then I re-installed LWP and restarted apache and I still got the same error. In the end I configured apache to open up HTTP access from the mailgate host (in this case localhost) and it seems to work.

If anyone solves this problem properly I would be most interested in the recipe.

Ian
Ian Grant, Computer Lab., William Gates Building, JJ Thomson Ave., Cambridge
Phone: +44 1223 334420

Installed
C/CH/CHAMAS/Crypt-SSLeay-0.49.tar.gz
and works now also with https.

HermannOn Wed, 21 May 2003, Ian Grant wrote:

On Wed, May 21, 2003, Hermann Stern wrote:

501 Protocol scheme ‘https’ is not supported
Does this mean ssl is not supported by the mail gateway or something else?

Try -url http://your.site.com:443. Because i have protected my site per
.httaccess file, this doesn’t work, but maybe without it does.
(Port 443 is SSL in most systems)

Talking HTTP to port 443 does not help.

The message comes from LWP that can’t load the https protocol module,
probably because Net::SSLeay or Crypt::SSLeay hasn’t been installed
yet.

CPAN is your friend :slight_smile:

I had the same problem and after trawling the rt-{users,devel} archives I installed Net_SSLeay.pm-1.22.tar.gz but I got the same result (yes, I restarted apache.) Then I re-installed LWP and restarted apache and I still got the same error. In the end I configured apache to open up HTTP access from the mailgate host (in this case localhost) and it seems to work.

If anyone solves this problem properly I would be most interested in the recipe.

Ian

Ian Grant, Computer Lab., William Gates Building, JJ Thomson Ave., Cambridge
Phone: +44 1223 334420

Help: Nuke this META REFRESH line from NoAuth/Logout.html :slight_smile:

No - this would just give users a false sense of security, since they
aren’t logged out. With external auth, it’s impossible to log out, at
least via server-side mechanisms.

Sebastian

Sebastian Flothow
sebastian@flothow.de

Because it reverses the logical flow of conversation.
Why is top posting frowned upon?

Help: Nuke this META REFRESH line from NoAuth/Logout.html :slight_smile:

No - this would just give users a false sense of security, since they
aren’t logged out. With external auth, it’s impossible to log out, at
least via server-side mechanisms.

It is indeed possible. All you need is to hook up a mod_perl
handler that consistently returns AUTH_REQUIRED, coupled with
a cookie that tracks the state of changes.

Please refer to line 122 and below in:
http://p4.elixus.org/depot/pause/lib/pause_1999/authen_user.pm

for a concrete example (that runs pause.perl.org).

Thanks,
/Autrijus/

Ian Grant wrote:

I had the same problem and after trawling the rt-{users,devel} archives I installed Net_SSLeay.pm-1.22.tar.gz but I got the same result (yes, I restarted apache.) Then I re-installed LWP and restarted apache and I still got the same error. In the end I configured apache to open up HTTP access from the mailgate host (in this case localhost) and it seems to work.

If anyone solves this problem properly I would be most interested in the recipe.

Ian

Installing Crypt::SSLeay did the trick.

So that means RT should hide the LOGOUT Button from UI, if
the user is logged in via REMOTE_User.
No funcionality => no button

HermannOn Wed, 21 May 2003, Sebastian Flothow wrote:

Help: Nuke this META REFRESH line from NoAuth/Logout.html :slight_smile:

No - this would just give users a false sense of security, since they
aren’t logged out. With external auth, it’s impossible to log out, at
least via server-side mechanisms.

Sebastian


Sebastian Flothow
sebastian@flothow.de

Because it reverses the logical flow of conversation.
Why is top posting frowned upon?


rt-users mailing list
rt-users@lists.fsck.com
http://lists.fsck.com/mailman/listinfo/rt-users

Have you read the FAQ? The RT FAQ Manager lives at http://fsck.com/rtfm