Problems to enable SSL on PWM

[Alberto Viana]

I setup a pwm + apache (reverse proxy) and everything was working fine until I enabled the "Require HTTPS" option. It keeps me showing the following error:

PWM 5044

I Already enabled the SSL connection on apache side. 

apache2(reverse proxy) + SSL ---REDIRECT---> my_local_pwm:8080 (works fine)

apache2(reverse proxy) + SSL ---REDIRECT---> my_local_pwm:8080 with SSL (shows me the error)

Here´s my apache2 config:

ProxyRequests Off

<Proxy *>

        Order deny,allow

        Allow from all

</Proxy>

ProxyPass /pwm http://localhost:8080/pwm

ProxyPassReverse /pwm http://localhost:8080/pwm

SSLEngine On

SSLProxyEngine on

SSLCertificateFile /etc/apache2/ssl/cert.crt

SSLCertificateKeyFile /etc/apache2/ssl/cert.key

After enable SSL on pwm side I tried also the following config:

ProxyPass /pwm https://localhost:8080/pwm

ProxyPassReverse /pwm https://localhost:8080/pwm

But still not working. Should I config anything on tomcat side? 

What exactly should I do to get this working? 

Thanks!

Alberto Viana

[Menno Pieters]

On Thu, Dec 6, 2012 at 2:03 PM, Alberto Viana <alber...@gmail.com> wrote:

I setup a pwm + apache (reverse proxy) and everything was working fine until I enabled the "Require HTTPS" option. It keeps me showing the following error:

This option requires the connection to Tomcat to be made using HTTPS. Probably better and easier is to force the user from HTTP to HTTPS in Apache: redirect all incoming traffic on port 80 to 443, by making a virtual host on port 80 to do just that. Another option may be to try and use ajp instead of http to forward the request to Tomcat. Have a look at tomcat documentation on how to setup the AJP listening port.

Regards,

Menno
 

PWM 5044

I Already enabled the SSL connection on apache side. 

apache2(reverse proxy) + SSL ---REDIRECT---> my_local_pwm:8080 (works fine)

apache2(reverse proxy) + SSL ---REDIRECT---> my_local_pwm:8080 with SSL (shows me the error)

Here´s my apache2 config:

ProxyRequests Off

<Proxy *>

        Order deny,allow

        Allow from all

</Proxy>

ProxyPass /pwm http://localhost:8080/pwm

ProxyPassReverse /pwm http://localhost:8080/pwm

SSLEngine On

SSLProxyEngine on

SSLCertificateFile /etc/apache2/ssl/cert.crt

SSLCertificateKeyFile /etc/apache2/ssl/cert.key

After enable SSL on pwm side I tried also the following config:

ProxyPass /pwm https://localhost:8080/pwm

ProxyPassReverse /pwm https://localhost:8080/pwm

But still not working. Should I config anything on tomcat side? 

What exactly should I do to get this working? 

Thanks!

Alberto Viana

--
You received this message because you are subscribed to the Google Groups "pwm-general" group.
To post to this group, send email to pwm-g...@googlegroups.com.
To unsubscribe from this group, send email to pwm-general...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msg/pwm-general/-/cncIrcV18i4J.
For more options, visit https://groups.google.com/groups/opt_out.
 
 

[Alberto Viana]

Thanks so much, I got it and now everything is working as expected.

I Just have 1 more doubt, as I see that after "lock configuration file" I loose acess to the "PWM Configuration Editor"

Is that rigth? Can I unlock it again? Is there any another way to edit the config via browser?

Regards,

Alberto Viana

[Joshua Ellsworth]

You have to go into the config file and set "configIsEditable" to "true" in order to use the configuration editor again. Leaving the config unlocked is not a good idea in a production environment.

--

You received this message because you are subscribed to the Google Groups "pwm-general" group.
To post to this group, send email to pwm-g...@googlegroups.com.
To unsubscribe from this group, send email to pwm-general...@googlegroups.com.

[Alberto Viana]

Thanks!

[barr...@gmail.com]

Hi Albert:

Any procedure and guideline u have to make pwm work with https , the simpliest steps.???

I tried your config in httpd.conf but not able to work.

Regards