[Koha-bugs] [Bug 21044] New: Error 400 'broken link' when enabling SSL from end to end
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Fri Jul 6 11:26:25 CEST 2018
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21044
Bug ID: 21044
Summary: Error 400 'broken link' when enabling SSL from end to
end
Change sponsored?: ---
Product: Koha
Version: unspecified
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5 - low
Component: Architecture, internals, and plumbing
Assignee: koha-bugs at lists.koha-community.org
Reporter: henri.jacob at univ-rennes1.fr
QA Contact: testopia at bugs.koha-community.org
Our Koha services (v16.05) are hosted on a CentOS server behind a http
reverse-proxy (Apache) in mod_cgi mode.
We plan to offer SSL access "from end to end" to both staff and opac clients.
For this purpose, we configured the Apache Koha server like this:
Apache configuration file /etc/httpd/conf.d/ssl.conf (with auto-certified
certificate):
SSLEngine on
SSLProtocol all -SSLv3
SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-......
SSLHonorCipherOrder on
SSLCompression off
SSLCertificateFile
/etc/certificats/auto-signes/<koha-server>.crt
SSLCertificateKeyFile
/etc/certificats/auto-signes/<koha-server>.key
And the http reverse-proxy is configured like that :
<VirtualHost xxx.yyy.zzz.www:443>
ServerName xxxxxxxx
Use SSL sssssss.univ-rennes1.fr
Include conf/SSLProxy-authentifie.conf
SSLProxyCACertificateFile /etc/certificats/auto-signes/<koha-server>.crt
ProxyPass / http://<koha-server>:8880/ min=0 max=100 smax=50 ttl=10
timeout=900
ProxyPassReverse / http://<koha-server>:8880/
</VirtualHost>
Why do the 'broken link' error occur ? We have seen some hard-coded references
like 'http://localhost' and 'http://localhost:8080' .
Should we modify all these references to 'http://localhost' and
'https://localhost:8443' ?
Does-it works with an auto-certified certificate ?
We read these pages about this subject:
Enabling SSL for Koha staff view :
https://lists.katipo.co.nz/public/koha/2011-May/029006.html
Access Koha via SSL :
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=5576
Thank you for any suggestion,
best regards,
Henri Jacob
--
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.
More information about the Koha-bugs
mailing list