[mod_proxy] Login always redirects user to HTTP (while 'RequestHeader' forwards HTTPS)

[lmol...@gmail.com]

Dear community,

I have placed SonarQube behind a Apache v2.4.17 reverse proxy and somehow the login always redirect the user to the HTTP website (Apache is not listening on port 80 so that means a page load timeout). I use the following configuration at the moment:

AllowEncodedSlashes NoDecode

#Sonar
 <Location /sonar/>
 ProxyPass https://172.16.0.127/sonar/
 ProxyPassReverse https://public-domain/sonar/
 Order Allow,Deny
 Allow from all
 RequestHeader set X-Forwarded-Proto "https"
 RequestHeader set X-Forwarded-Port "443
 </Location>

But after login:

POST /sonar/sessions/login HTTP/1.1
Host: public-domain:443
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.8
Content-Type: application/x-www-form-urlencoded
Cookie: JSESSIONID=9083A899B9A5ABB8E8582CBE9D603E49; AJS.conglomerate.cookie="|HIPCHAT_ADMIN_BANNER_DISMISS=true"; wikidb_1220_session=8465a5ea309e3af89f953adfe8de1eb6; wikidb_1220UserID=1; wikidb_1220UserName=Lmolenaar
Origin: https://public-domain
Referer: https://public-domain/sonar/sessions/login
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36


HTTP/1.1 302 Found
Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 98
Content-Type: text/html;charset=utf-8
Date: Fri, 23 Oct 2015 15:57:51 GMT
Keep-Alive: timeout=5, max=100
Location: http://public-domain/sonar/
Server: Apache-Coyote/1.1
Via: 1.1 public-domain
X-Runtime: 873

Note the location referring to HTTP (instead of httpS)

My guess is that the HTTPS protocol is not set by the 'RequestHeader set' directive but I am clueless why that would be the case. Any insight would be very welcome!

[Michel Pawlak]

Cross post: http://stackoverflow.com/questions/33261385/sonarqube-behind-https-proxy-with-x-forwarded-proto