Project

General

Profile

The configuration for ssl

Added by Igor Sotnikov almost 8 years ago

Hello. When we try to put our service to https error appears: "Error Code 10061: Connection refused
Background: When the gateway or proxy server contacted the upstream (Web) server, the connection was refused. This usually results from trying to connect to a service that is inactive on the upstream server.".

Please, help.

That configuration files:

<VirtualHost *:8080> 
  ServerName redminecpm
  ServerAlias helpdesk.koruscpm.ru
  ErrorLog "logs/error.log" 
  CustomLog "logs/access.log" combined

  <DirectoryMatch "^/.*/\.svn/">
    ErrorDocument 403 /404.html
    Order allow,deny
    Deny from all
    Satisfy All
  </DirectoryMatch>

  RewriteEngine On

  # Redirect any non HTTPS requests to the HTTPS server
  RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
  RewriteRule ^/(.*)$ balancer://redminecluster%{REQUEST_URI} [P,QSA,L]

</VirtualHost>

NameVirtualHost *:443
<VirtualHost *:443>
  ServerName redminecpm
  ServerAlias helpdesk.koruscpm.ru
  ErrorLog "logs/error.log" 
  CustomLog "logs/access.log" combined

  SSLEngine on
  #SSLCertificateFile /etc/apache2/apache.pem
  SSLCertificateFile "C:/BitNami/redmine/apache2/conf/my_cert.crt" 
  SSLCertificateKeyFile "C:/BitNami/redmine/apache2/conf/pem_server.key" 

  RequestHeader set X_FORWARDED_PROTO 'https'
  ServerAdmin webmaster@localhost
  RewriteEngine On

 <DirectoryMatch "^/.*/\.svn/">
    ErrorDocument 403 /404.html
    Order allow,deny
    Deny from all
    Satisfy All
  </DirectoryMatch>

  # Uncomment for rewrite debugging
#  RewriteLog /tmp/myapp_rewrite_log
#  RewriteLogLevel 9 

  # Check for maintenance file and redirect all requests
  RewriteCond %{DOCUMENT_ROOT}/system/maintenance.html -f
  RewriteCond %{SCRIPT_FILENAME} !maintenance.html
  RewriteRule ^.*$ /system/maintenance.html [L]

  # Rewrite index to check for static
  RewriteRule ^/$ /cache/index.html [QSA] 

  # Rewrite to check for Rails cached page
  RewriteRule ^([^.]+)$ /cache/$1.html [QSA]

  # Redirect all non-static requests to cluster
  RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
  RewriteRule ^/(.*)$ balancer://redminecluster%{REQUEST_URI} [P,QSA,L]

  ErrorLog "logs/error.log" 
  CustomLog "logs/access.log" combined

  ServerSignature Off
</VirtualHost>

<Proxy balancer://redminecluster>
  BalancerMember http://127.0.0.1:3001
  BalancerMember http://127.0.0.1:3002
</Proxy>


Replies (3)

RE: The configuration for ssl - Added by Igor Sotnikov almost 8 years ago

And I have another problem. After I used this configuration, the home page has been changed to "BitNami greeting"-page (I didn't change the other configuration file and have returned to the original). But it works very strange, because that is in the local network - this "BitNami", but in the global - this superposition (can be loaded "BitNami", or homepage)...

Please, help me.

Thanks you.

RE: The configuration for ssl - Added by Cheyenne Wills almost 8 years ago

I posted this elsewhere, but will repeat it here. It appears that Rails 4 is more picky on the headers now. We had to change the apache setting in our proxy servers:

RequestHeader set X_FORWARDED_PROTO "https" 

to

RequestHeader set X-Forwarded-Proto "https" 

We also had a "bug" in one of our utilities that uses the RestAPI that has worked for years. One of the headers was incorrect, and it started failing with a 400 Invalid Header response

We upgraded from Redmine 2.6 -> Redmine 3.3

RE: The configuration for ssl - Added by dongshan he almost 6 years ago

hi, bro, I want deploy a redmine cluster, can you help me how to do it?

    (1-3/3)