Hello All, I've been racking my brain on this for a couple of days and figured I'd post here before I refactor my entire setup. Basically what we are doing is, we have two servers - one is a standard apache web node that acts as a proxy server and terminates SSL, then we have reviewboard being proxied behind that.
I've got everything setup and working with the exception of one piece. I can upload a diff, I can add titles, descriptions, reviewers, etc. Tracing the requests I can see that https is being returned as the request URL, HOWEVER, when you go to publish a review, we get a 304 error and the request URL is a non-https link. I'm doing the rewriting from the web node directly, with a mod_rewrite specifically calling out that its proxied (but changing or completely removing the options doesn't make any difference) For reference, here's the rewrite :: RewriteCond %{HTTPS} off RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [R=301,P,PT,L] When I click on publish, essentially I see two requests (and nothing at all in the debug logs, etc) The first :: Request URL:* https://reviewboard.boku.com/reviews/api/review-requests/189/?api_format=json * Request Method:GET Status Code:304 NOT MODIFIED Request Headersview source Accept:application/json, text/javascript, */* Accept-Charset:ISO-8859-1,utf-8;q=0.7,*;q=0.3 Accept-Encoding:gzip,deflate,sdch Accept-Language:en-US,en;q=0.8 Cache-Control:max-age=0 Connection:keep-alive Cookie:rbsessionid=bbf077166394571eaaf514053e6c4691; __utma=109258518.568604164.1352840613.1352938162.1354736370.4; __utmc=109258518; __utmz=109258518.1352929269.2.2.utmcsr=google|utmccn=( organic)|utmcmd=organic|utmctr=(not%20provided); csrftoken= b6dec71b9219e2090d9d98acf203e1f4 Host:reviewboard.boku.com If-Modified-Since:Wed, 05 Dec 2012 22:02:11 GMT Referer:https://reviewboard.boku.com/reviews/r/189/ User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.95 Safari/537.11 X-Requested-With:XMLHttpRequest Query String Parametersview URL encoded api_format:json Response Headersview source Cache-Control:max-age=0 Connection:close Date:Thu, 06 Dec 2012 00:12:46 GMT Expires:Thu, 06 Dec 2012 00:12:48 GMT Server:Apache/2.2.15 (CentOS) Vary:Accept,Cookie,Accept-Language The second :: Request URL:* http://reviewboard.boku.com/reviews/api/review-requests/189/draft/* Request Method:OPTIONS Status Code:200 OK Request Headersview source Accept:*/* Accept-Charset:ISO-8859-1,utf-8;q=0.7,*;q=0.3 Accept-Encoding:gzip,deflate,sdch Accept-Language:en-US,en;q=0.8 Access-Control-Request-Headers:origin, x-requested-with, content-type, accept Access-Control-Request-Method:PUT Connection:keep-alive Host:reviewboard.boku.com Origin:https://reviewboard.boku.com User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.95 Safari/537.11 Response Headersview source Allow:GET,HEAD,POST,OPTIONS Connection:close Content-Length:0 Content-Type:text/plain; charset=UTF-8 Date:Thu, 06 Dec 2012 00:12:48 GMT Server:Apache literally every other request comes in via HTTPS, clicking on links, performing actions, etc. the ONLY thing that fails is publishing. I'm not sure what to do next at this point so I wanted to see if anyone had ever run into this. Below I will also paste the apache config for the proxy/ssl term server and the web head for comparison. SSL Proxy :: <VirtualHost 192.168.200.124:443> ServerName reviewboard.COMPANYNAME.com<http://reviewboard.companyname.com/> SSLEngine on SSLProtocol all -SSLv2 SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW SSLCertificateFile /etc/pki/entrust-certs/ star.COMPANYNAME.com/star.COMPANYNAME.com.crt<http://star.companyname.com/star.COMPANYNAME.com.crt> SSLCertificateKeyFile /etc/pki/entrust-certs/ star.COMPANYNAME.com/star.COMPANYNAME.com.key<http://star.companyname.com/star.COMPANYNAME.com.key> SSLCACertificateFile /etc/pki/entrust-certs/ star.COMPANYNAME.com/star.COMPANYNAME.com_bundle.crt<http://star.companyname.com/star.COMPANYNAME.com_bundle.crt> # SSLCertificateFile /etc/pki/tls/certs/COMPANYNAME.com.crt # SSLCertificateKeyFile /etc/pki/tls/certs/COMPANYNAME.com.key # SSLCACertificateFile /etc/pki/tls/certs/gd_bundle.crt # Default to not cache anything ExpiresActive On ExpiresDefault "access plus 0 seconds" # Cache just images ExpiresByType image/gif "access plus 10 minutes" ExpiresByType image/jpg "access plus 10 minutes" ExpiresByType image/png "access plus 10 minutes" proxyPreserveHost On ProxyRequests On ProxyPass / http://reviewboard01.local-COMPANYNAME.net:8080/<http://reviewboard01.local-companyname.net:8080/> ProxyPassReverse / http://reviewboard01.local-COMPANYNAME.net:8080/<http://reviewboard01.local-companyname.net:8080/> <Location /> ProxyPassReverse / Order deny,allow Allow from all </Location> RequestHeader edit Location ^http://reviewboard.COMPANYNAME.com/<http://reviewboard.companyname.com/> https://reviewboard.COMPANYNAME.com/ <https://reviewboard.companyname.com/> CustomLog /var/log/httpd/reviewboard.COMPANYNAME.com-access.log common ErrorLog /var/log/httpd/reviewboard.COMPANYNAME.com-error.log SetEnv HTTPS on </VirtualHost> <VirtualHost *:80> ServerName reviewboard.COMPANYNAME.com<http://reviewboard.companyname.com/> #RewriteEngine on # Rewrite traffic back to https://reviewboard.COMPANYNAME.com<https://reviewboard.companyname.com/> # RewriteCond %{SERVER_NAME} reviewboard.COMPANYNAME.com<http://reviewboard.companyname.com/> # RewriteCond %{HTTPS} !=on # RewriteRule ^/(.*)$ https://reviewboard.COMPANYNAME.com/$1<https://reviewboard.companyname.com/$1> [R=301,PT] RewriteCond %{HTTPS} off RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [R=301,P,PT,L] CustomLog /var/log/httpd/reviewboard.COMPANYNAME.com-access.log common ErrorLog /var/log/httpd/reviewboard.COMPANYNAME.com-error.log SetEnv HTTPS on </VirtualHost> Web Node/Node running Reviewboard Listen 8080 <VirtualHost *:8080> SetEnv HTTPS on ServerName reviewboard01.local-COMPANYNAME.net<http://reviewboard01.local-companyname.net/> DocumentRoot "/var/www/reviewboard/htdocs" #LogLevel debug # Error handlers ErrorDocument 500 /errordocs/500.html WSGIPassAuthorization On WSGIScriptAlias "/reviews" "/var/www/reviewboard/htdocs/reviewboard.wsgi/reviews" <Directory "/var/www/reviewboard/htdocs"> AllowOverride All Options -Indexes FollowSymLinks Allow from all </Directory> # Alias static media requests to filesystem Alias /reviews/media "/var/www/reviewboard/htdocs/media" Alias /reviews/errordocs "/var/www/reviewboard/htdocs/errordocs" Alias /reviews/favicon.ico "/var/www/reviewboard/htdocs/media/rbcommons/images/favicon.png" Any help here would be greatly appreciated! Best, Brian -- Want to help the Review Board project? Donate today at http://www.reviewboard.org/donate/ Happy user? Let us know at http://www.reviewboard.org/users/ -~----------~----~----~----~------~----~------~--~--- To unsubscribe from this group, send email to reviewboard+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/reviewboard?hl=en