Re: [SOGo] Unable to get access to SOGo for unknown reason.
On 22.02.19 15:41, Christian Mack (christian.m...@uni-konstanz.de) wrote:
Could you add the following line to your Apache config:
RequestHeader set "x-webobjects-server-url" "https://%{HTTP_HOST}e;
Hello Christian,
Thank you for your reply!
Suggested line already was in my Apache config and it didn't work.
I've commented it out on purpose, because it was one of first
recommendations I got from here to make things work :-)
--
Kind regards,
Dmytro Lysytsyn
--
users@sogo.nu
https://inverse.ca/sogo/lists
Re: [SOGo] Unable to get access to SOGo for unknown reason.
Hello This list is for all questions about SOGo. Hijacking threads means: Answering to an email from a list with a completely different topic. That is because most people use threads for deciding what to read. By hijacking them you give some people annoying work and will be overlooked by others. Kind regards, Christian Mack Am 22.02.19 um 15:00 schrieb "Christoph Noppeney" (noppe...@euronet.de): > Hello, > > thank you for your assistance. Sorry didn't knew that is an access issue > newslist. > > Kind Regards Christoph Noppeney > > -Ursprüngliche Nachricht- > Von: users-requ...@sogo.nu Im Auftrag von Christian > Mack > Gesendet: Freitag, 22. Februar 2019 14:47 > An: users@sogo.nu > Betreff: Re: [SOGo] Unable to get access to SOGo for unknown reason. > > Hello > > Am 20.02.19 um 14:43 schrieb "Christoph Noppeney" (noppe...@euronet.de): >> >> does anybody know how to configure SOGo to use a custom design template. >> Short and simple hints were really appreciate. >> >> OS: centos 7 latest >> SOGo: latest >> > > Please do not hijack threads. > Your question has nothing to do with access to SOGo! > > Check out > https://sogo.nu/files/docs/SOGoDevelopersGuide.html#_defining_an_alternate_color_theme > > > Kind regards, > Christian Mack > -- Christian Mack Universität Konstanz Kommunikations-, Informations-, Medienzentrum (KIM) Abteilung Basisdienste 78457 Konstanz +49 7531 88-4416 smime.p7s Description: S/MIME Cryptographic Signature
Re: [SOGo] Unable to get access to SOGo for unknown reason.
Hello Am 20.02.19 um 14:43 schrieb "Christoph Noppeney" (noppe...@euronet.de): > > does anybody know how to configure SOGo to use a custom design template. > Short and simple hints were really appreciate. > > OS: centos 7 latest > SOGo: latest > Please do not hijack threads. Your question has nothing to do with access to SOGo! Check out https://sogo.nu/files/docs/SOGoDevelopersGuide.html#_defining_an_alternate_color_theme Kind regards, Christian Mack -- Christian Mack Universität Konstanz Kommunikations-, Informations-, Medienzentrum (KIM) Abteilung Basisdienste 78457 Konstanz +49 7531 88-4416 smime.p7s Description: S/MIME Cryptographic Signature
Re: [SOGo] Unable to get access to SOGo for unknown reason.
Hello
That looks all sound.
Could you add the following line to your Apache config:
RequestHeader set "x-webobjects-server-url"
"https://%{HTTP_HOST}e;
Kind regards,
Christian Mack
Am 20.02.19 um 13:31 schrieb Dmytro Lysytsyn (dmytro.lysyt...@gmail.com):
> On 20.02.19 14:20, Christian Mack (christian.m...@uni-konstanz.de) wrote:
>> Is Apache module headers active? What is in
>> /etc/letsencrypt/options-ssl-apache.conf ?
> Hello Christian,
>
> Thank you for your answer!
>
> As far as I see 'headers' module is active:
>
> root@kntest3:~# apachectl -M
> Loaded Modules:
< ... >
> headers_module (shared)
< ... >
>
> Also here's content of 'options-ssl-apache.conf':
>
> root@kntest3:~# grep -Ev '^(#|$)' <
> /etc/letsencrypt/options-ssl-apache.conf
> SSLEngine on
> SSLProtocol all -SSLv2 -SSLv3
> SSLCipherSuite
> ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
>
> SSLHonorCipherOrder on
> SSLCompression off
> SSLOptions +StrictRequire
> LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\""
> vhost_combined
> LogFormat "%v %h %l %u %t \"%r\" %>s %b" vhost_common
> root@kntest3:~#
>
>
--
Christian Mack
Universität Konstanz
Kommunikations-, Informations-, Medienzentrum (KIM)
Abteilung Basisdienste
78457 Konstanz
+49 7531 88-4416
smime.p7s
Description: S/MIME Cryptographic Signature
Re: [SOGo] Unable to get access to SOGo for unknown reason.
On 20.02.19 14:20, Christian Mack (christian.m...@uni-konstanz.de) wrote:
Is Apache module headers active? What is in
/etc/letsencrypt/options-ssl-apache.conf ?
Hello Christian,
Thank you for your answer!
As far as I see 'headers' module is active:
root@kntest3:~# apachectl -M
Loaded Modules:
core_module (static)
so_module (static)
watchdog_module (static)
http_module (static)
log_config_module (static)
logio_module (static)
version_module (static)
unixd_module (static)
access_compat_module (shared)
alias_module (shared)
auth_basic_module (shared)
authn_core_module (shared)
authn_file_module (shared)
authz_core_module (shared)
authz_host_module (shared)
authz_user_module (shared)
autoindex_module (shared)
deflate_module (shared)
dir_module (shared)
env_module (shared)
expires_module (shared)
filter_module (shared)
headers_module (shared)
mime_module (shared)
mpm_prefork_module (shared)
negotiation_module (shared)
php7_module (shared)
proxy_module (shared)
proxy_http_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
socache_shmcb_module (shared)
ssl_module (shared)
status_module (shared)
Also here's content of 'options-ssl-apache.conf':
root@kntest3:~# grep -Ev '^(#|$)' < /etc/letsencrypt/options-ssl-apache.conf
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite
ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
SSLHonorCipherOrder on
SSLCompression off
SSLOptions +StrictRequire
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\""
vhost_combined
LogFormat "%v %h %l %u %t \"%r\" %>s %b" vhost_common
root@kntest3:~#
--
Kind regards,
Dmytro Lysytsyn
--
users@sogo.nu
https://inverse.ca/sogo/lists
Re: [SOGo] Unable to get access to SOGo for unknown reason.
Hello
Is Apache module headers active?
What is in /etc/letsencrypt/options-ssl-apache.conf ?
Kind regards,
Christian Mack
Am 20.02.19 um 09:10 schrieb Dmytro Lysytsyn (dmytro.lysyt...@gmail.com):
> On 19.02.19 22:05, Andrey Cherepanov (c...@altlinux.org) wrote:
>> From mail from Julian Kippels at 21.09.2018 in users@sogo.nu:
>> I found the problem. It wasn't anything in the /etc/sogo/sogo.conf at
>> all. The problem was with the Apache configuration. When I comment out
>> this line RequestHeader set "x-webobjects-server-url"
>> "https://%{HTTP_HOST}e"env=HTTP_HOST
>>
>> from /etc/httpd/conf.d/SOGo.conf everything works as it should. See
>> also fix in package:
>> http://git.altlinux.org/people/cas/packages/sogo.git?p=sogo.git;a=commit;h=6003f42429088b092ace1944d8d9b92fc48a7507
>>
>
> Hello Andrey,
>
> Thank you for your answer!
>
> I tried to comment out line you've mentioned but that doesn't change
> SOGO's behavior at all.
> And of course I did restart Apache after config changes.
> And also cleared browser's cache just in case.
>
> Here is my whole Apache configuration for SOGo and FD site:
> --- 8< -
>
> ServerName kntest3.ldvtest.org.ua
> ServerAdmin webmas...@kntest3.ldvtest.org.ua
> ErrorLog ${APACHE_LOG_DIR}/kntest3.ldvtest.org.ua_http_error.log
> CustomLog ${APACHE_LOG_DIR}/kntest3.ldvtest.org.ua_http_access.log
> combined
> Redirect "/" "https://kntest3.ldvtest.org.ua;
>
>
>
>
> ServerName kntest3.ldvtest.org.ua
> DocumentRoot /var/www/html/kntest3.ldvtest.org.ua
> ServerAdmin webmas...@kntest3.ldvtest.org.ua
> ErrorLog ${APACHE_LOG_DIR}/kntest3.ldvtest.org.ua_https_error.log
> CustomLog
> ${APACHE_LOG_DIR}/kntest3.ldvtest.org.ua_https_access.log combined
> SSLEngine on
> SSLCertificateFile
> /etc/letsencrypt/live/kntest3.ldvtest.org.ua/cert.pem
> SSLCertificateKeyFile
> /etc/letsencrypt/live/kntest3.ldvtest.org.ua/privkey.pem
> Include /etc/letsencrypt/options-ssl-apache.conf
>
> Options Indexes FollowSymLinks
> AllowOverride None
> Require all granted
>
> Alias /fusiondirectory /usr/share/fusiondirectory/html
>
> SSLOptions +StdEnvVars
>
>
> SSLOptions +StdEnvVars
>
> BrowserMatch "MSIE [2-6]" nokeepalive ssl-unclean-shutdown
> downgrade-1.0 force-response-1.0
> BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
>
>
> php_admin_flag engine on
> php_admin_flag register_globals off
> php_admin_flag allow_call_time_pass_reference off
> php_admin_flag expose_php off
> php_admin_flag zend.ze1_compatibility_mode off
> php_admin_flag register_long_arrays off
> php_admin_value upload_tmp_dir /var/spool/fusiondirectory/
> php_admin_value session.cookie_lifetime 0
>
>
>
> Order Allow,Deny
> # Changed IP here
> Allow from 1.2.3.4
>
> Alias /SOGo.woa/WebServerResources/
> /usr/lib/GNUstep/SOGo/WebServerResources/
> Alias /SOGo/WebServerResources/
> /usr/lib/GNUstep/SOGo/WebServerResources/
>
> AllowOverride None
>
> Order deny,allow
> Allow from all
>
> = 2.4>
> Require all granted
>
>
> ExpiresActive On
> ExpiresDefault "access plus 1 year"
>
>
> ProxyRequests Off
> SetEnv proxy-nokeepalive 1
> ProxyPreserveHost On
> ProxyPass /SOGo http://127.0.0.1:2/SOGo retry=0
> http://127.0.0.1:2/SOGo>
>
> RequestHeader set "x-webobjects-server-port" "443"
> SetEnvIf Host (.*) HTTP_HOST=$1
> RequestHeader set "x-webobjects-server-name"
> "%{HTTP_HOST}e" env=HTTP_HOST
> RequestHeader unset "x-webobjects-remote-user"
> RequestHeader set "x-webobjects-server-protocol" "HTTP/1.0"
>
> AddDefaultCharset UTF-8
> Order allow,deny
> Allow from all
>
>
> RewriteEngine On
> RewriteRule ^/.well-known/caldav/?$ /SOGo/dav [R=301]
> RewriteRule ^/.well-known/carddav/?$ /SOGo/dav [R=301]
>
>
>
> --- 8< -
>
>
--
Christian Mack
Universität Konstanz
Kommunikations-, Informations-, Medienzentrum (KIM)
Abteilung Basisdienste
78457 Konstanz
+49 7531 88-4416
smime.p7s
Description: S/MIME Cryptographic Signature
Re: [SOGo] Unable to get access to SOGo for unknown reason.
On 19.02.19 22:05, Andrey Cherepanov (c...@altlinux.org) wrote:
From mail from Julian Kippels at 21.09.2018 in users@sogo.nu:
I found the problem. It wasn't anything in the /etc/sogo/sogo.conf at
all. The problem was with the Apache configuration. When I comment out
this line RequestHeader set "x-webobjects-server-url"
"https://%{HTTP_HOST}e"env=HTTP_HOST
from /etc/httpd/conf.d/SOGo.conf everything works as it should. See
also fix in package:
http://git.altlinux.org/people/cas/packages/sogo.git?p=sogo.git;a=commit;h=6003f42429088b092ace1944d8d9b92fc48a7507
Hello Andrey,
Thank you for your answer!
I tried to comment out line you've mentioned but that doesn't change
SOGO's behavior at all.
And of course I did restart Apache after config changes.
And also cleared browser's cache just in case.
Here is my whole Apache configuration for SOGo and FD site:
--- 8< -
ServerName kntest3.ldvtest.org.ua
ServerAdmin webmas...@kntest3.ldvtest.org.ua
ErrorLog ${APACHE_LOG_DIR}/kntest3.ldvtest.org.ua_http_error.log
CustomLog ${APACHE_LOG_DIR}/kntest3.ldvtest.org.ua_http_access.log
combined
Redirect "/" "https://kntest3.ldvtest.org.ua;
ServerName kntest3.ldvtest.org.ua
DocumentRoot /var/www/html/kntest3.ldvtest.org.ua
ServerAdmin webmas...@kntest3.ldvtest.org.ua
ErrorLog ${APACHE_LOG_DIR}/kntest3.ldvtest.org.ua_https_error.log
CustomLog
${APACHE_LOG_DIR}/kntest3.ldvtest.org.ua_https_access.log combined
SSLEngine on
SSLCertificateFile
/etc/letsencrypt/live/kntest3.ldvtest.org.ua/cert.pem
SSLCertificateKeyFile
/etc/letsencrypt/live/kntest3.ldvtest.org.ua/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
Alias /fusiondirectory /usr/share/fusiondirectory/html
SSLOptions +StdEnvVars
SSLOptions +StdEnvVars
BrowserMatch "MSIE [2-6]" nokeepalive ssl-unclean-shutdown
downgrade-1.0 force-response-1.0
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
php_admin_flag engine on
php_admin_flag register_globals off
php_admin_flag allow_call_time_pass_reference off
php_admin_flag expose_php off
php_admin_flag zend.ze1_compatibility_mode off
php_admin_flag register_long_arrays off
php_admin_value upload_tmp_dir /var/spool/fusiondirectory/
php_admin_value session.cookie_lifetime 0
Order Allow,Deny
# Changed IP here
Allow from 1.2.3.4
Alias /SOGo.woa/WebServerResources/
/usr/lib/GNUstep/SOGo/WebServerResources/
Alias /SOGo/WebServerResources/
/usr/lib/GNUstep/SOGo/WebServerResources/
AllowOverride None
Order deny,allow
Allow from all
= 2.4>
Require all granted
ExpiresActive On
ExpiresDefault "access plus 1 year"
ProxyRequests Off
SetEnv proxy-nokeepalive 1
ProxyPreserveHost On
ProxyPass /SOGo http://127.0.0.1:2/SOGo retry=0
http://127.0.0.1:2/SOGo>
RequestHeader set "x-webobjects-server-port" "443"
SetEnvIf Host (.*) HTTP_HOST=$1
RequestHeader set "x-webobjects-server-name"
"%{HTTP_HOST}e" env=HTTP_HOST
RequestHeader unset "x-webobjects-remote-user"
RequestHeader set "x-webobjects-server-protocol" "HTTP/1.0"
AddDefaultCharset UTF-8
Order allow,deny
Allow from all
RewriteEngine On
RewriteRule ^/.well-known/caldav/?$ /SOGo/dav [R=301]
RewriteRule ^/.well-known/carddav/?$ /SOGo/dav [R=301]
--- 8< -
--
Kind regards,
Dmytro Lysytsyn
--
users@sogo.nu
https://inverse.ca/sogo/lists
Re: [SOGo] Unable to get access to SOGo for unknown reason.
19.02.2019 22:09, Dmytro Lysytsyn (dmytro.lysyt...@gmail.com) пишет:
Hello there!
Hope you're doing well.
I'm trying to setup SOGo for the first time. And now I'm stuck with no
visible reasons for it.
Would somebody please show me the right way?
Symptoms are: when I'm trying to log on to SOGo under any username
('sogoadm' for example) using 'https://kntest3.ldvtest.org.ua/SOGo'
link, this is happened:
1. it redirects me to '/SOGo/', where is that
what I'm trying to log on with. And it still shows me SOGo
white-and-green login page.
2. If I try to login again (now with
'https://kntest3.ldvtest.org.ua/SOGo/sogoadm' URL) it redirects me
again. New URL is 'https://kntest3.ldvtest.org.ua/SOGo/so/sogoadm'.
3. If I'll still try to login it will silently redirect me on what
last page again and again, i.g. URL will now always
'https://kntest3.ldvtest.org.ua/SOGo/so/sogoadm' and nothing more
happenes.
From mail from Julian Kippels at 21.09.2018 in users@sogo.nu:
Hi again,
I found the problem. It wasn't anything in the /etc/sogo/sogo.conf at
all. The problem was with the Apache configuration. When I comment out
this line
RequestHeader set "x-webobjects-server-url""https://%{HTTP_HOST}e;
env=HTTP_HOST
from /etc/httpd/conf.d/SOGo.conf everything works as it should.
Julian
See also fix in package:
http://git.altlinux.org/people/cas/packages/sogo.git?p=sogo.git;a=commit;h=6003f42429088b092ace1944d8d9b92fc48a7507
--
Andrey Cherepanov
c...@altlinux.org
--
users@sogo.nu
https://inverse.ca/sogo/lists
