LTI Tools und SSL

28 views

Skip to first unread message

Stephan Krinetzki

unread,

Jul 19, 2017, 10:05:34 AM7/19/17

to Deutschsprachige Opencast Community

Hallo liebe Community,

im Augenblick versuchen wir Opencast an unserer Lernplattform anzubinden. Das klappt soweit alles auch, nur das einbetten des Videos klappt nicht, da Opencast immer wieder eine http URL schickt:

Request URL: https://engage.example.com/lti

Request Method: POST

Status Code: 302 Found

Remote Address: XXX.XXX.XXX.XXX:443

Referrer Policy: no-referrer-when-downgrade

Response Headers:

Connection: Keep-Alive

Content-Length: 0

Date:

Keep-Alive: timeout=5, max=100

Location: http://engage.example.com/paelle/ui/watch.html?id=XXXXXXX&autoplay=true&mode=embed

Form Data:

custom_tool: https://engage.example.com/paella/ui/watch.html?id=XXXXXXX&autoplay=true&mode=embed

Das sind die m.E. relevanten Auszüge aus dem Request.

Opencast läuft bei uns hinter einem Apache Proxy, der so eingerichtet ist:

 <VirtualHost *:443>
    ServerName engage.example.com
    SSLEngine on
    SSLCertificateFile /etc/httpd/ssl/cert.crt
    SSLCertificateKeyFile /etc/httpd/ssl/cert.key
    SSLCertificateChainFile /etc/httpd/ssl/chain.txt
    SSLProtocol All -SSLv2 -SSLv3
    SSLHonorCipherOrder On
    SSLCompression off
    # Add six earth month HSTS header for all users...
    Header always set Strict-Transport-Security "max-age=15768000"
    SSLCipherSuite 'EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA256:EECDH:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!IDEA:!ECDSA:kEDH:CAMELLIA128-SHA:AES128-SHA'


    # Secured Cookies
    Header edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure


    RemoteIPHeader X-Forwarded-For


    SSLProxyEngine on
    ProxyRequests Off
    ProxyPass / http://localhost:8080/
    ProxyPassReverse /  http://engage.example.com/
    ProxyPreserveHost  On
    RequestHeader set X-Forwarded-SSL "on"
    RedirectMatch ^/$ https://engage.example.com
    Header edit Location ^http(\:\/\/proxy.*)$ https$1
    <Proxy *>
        Require all granted
    </Proxy>


    # Stream Security
    #StreamSecurityEnabled On
    #StreamSecurityKeysPath /etc/httpd/conf.d/stream-security-keys.json
    #SetHandler stream-security


</VirtualHost>

Frage: Warum bekomme ich immer noch eine http-Location zurück? Und wie kann ich das fixen?

Gruß

Stephan

Reply all

Reply to author

Forward

0 new messages