Groups keyboard shortcuts have been updated
Dismiss
See shortcuts

From Apache SSL to Rundeck http

25 views
Skip to first unread message

Roberto León López

unread,
Feb 5, 2025, 1:46:54 PMFeb 5
to rundeck...@googlegroups.com
I have a Rundeck 4.17.6-20240402 instance and I have managed to get Apache working and redirecting from port 80 to 4440.

The problem comes when I want Apache to handle SSL traffic and redirect to Rundeck on the unencrypted port 4440, this is my configuration:

<IfModule ssl_module>
        <VirtualHost _default_:443>

                ServerAdmin webmaster@localhost
                DocumentRoot /var/www/html

                SSLEngine on

                SSLCertificateFile    /etc/ssl/certs/apache-selfsigned.crt
                SSLCertificateKeyFile /etc/ssl/private/apache-selfsigned.key

                # reverse proxy config
                ProxyPass / http://rundeckprueba.eprinsa.org:4440/
                ProxyPassReverse / http://rundeckprueba.eprinsa.org:4440/
                ProxyRequests Off
                ProxyPreserveHost On

                # Local reverse proxy authorization override
                <Proxy http://rundeckprueba.eprinsa.org:4440>
                        Order deny,allow
                        Allow from all
                </Proxy>

                 ErrorLog ${APACHE_LOG_DIR}/error_Rundeck.log
                 TransferLog ${APACHE_LOG_DIR}/access_Rundeck.log
        </VirtualHost>
</IfModule>



The relevant part of the framework.properties file is:

framework.server.hostname = rundeckprueba.eprinsa.org
framework.server.port = 4440
framework.server.url = http://rundeckprueba.eprinsa.org
framework.rundeck.url = http://rundeckprueba.eprinsa.org

The relevant part of the file rundeck-config.properties:

server.port=4440

In Apache I see the access and redirection with the log:

10.2.103.1 - - [05/Feb/2025:19:31:12 +0100] "GET / HTTP/1.1" 302 -

But in the web browser with the url https://replicator.eprinsa.org it redirects to http:/replicator.eprinsa.org/user/login and cannot load the web.

--

rac...@rundeck.com

unread,
Feb 5, 2025, 1:50:40 PMFeb 5
to rundeck-discuss
Hi!

Please take a look at this working example. Make sure to set the SSL port on the grails.serverURL parameter.

Regards!

Roberto León López

unread,
Feb 6, 2025, 12:14:17 PMFeb 6
to rundeck...@googlegroups.com
I needed to indicate to Apache the use of the headers with:

REQUESTHEADER SET X-FORWARDED-PROTO "HTTPS"
REQUESTHEADER SET X-FORWARDED-PORT "443"

Now I have been able to break SSL in Apache and leave Rundeck with a simple HTTP in port 4440

--
You received this message because you are subscribed to the Google Groups "rundeck-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rundeck-discu...@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/rundeck-discuss/acfecb27-20ca-4071-9989-98af4d1ef0f7n%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages