[omd-users] OMD & SSL

Chris Moody chris at node-nine.com
Tue Dec 6 20:57:59 CET 2016

Hello all.

Wanted to first thank everyone for their work to streamline and
integrate so many pieces together in such a cool package.  I'm a huge
fan of the OMD model.  I used to have a bunch of custom routines I had
built that were trying to accomplish some of the same goals, but this
approach is -so- much better.

I could use a hand though with what should hopefully be something simple
that I just haven't come across in the Docs.  I need to make all my
instances SSL only instead of just plaintext http.  Even if it's just
the login page that's SSL, my user-base will not be comfortable with
plaintext http logins.

I've tried tinkering a bit with apache's config, but attempting rewrite
rules in the main system 000-default.conf seem to cause other problems
with things like the thruk login cgi.  There seems to be too much
redirecting and linking internally to non-https URLs basically that some
links are working where others are not.  I've not given up with this
approach but it's definitely behaving more finicky than I had anticipated.

=====[ Documented here: https://mathias-kettner.de/cms_omd_https.html
RewriteEngine On
RewriteCond %{SERVER_PORT} !^443$
RewriteRule (.*) https://%{HTTP_HOST}/$1 [L]

I also attempted a quick pass at using nginx on the same host to proxy
back all calls to the http apache daemon, but it was having troubles
with passing frames through when proxying, so I found myself going down
the rabbithole of disabling frames...but then also was running into some
links not proxying correctly (the login cgi being the first case).  I've
also not given up on this approach either but it as well is being a bit
more finicky that I anticipated.

Has anyone implemented a total https OMD setup (multisite)...or are
there docs/references that give clues as to how best to accomplish this?
Any pointers to help smooth the path would be greatly appreciated.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mathias-kettner.de/pipermail/omd-users/attachments/20161206/5ba65ee3/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: OpenPGP digital signature
URL: <http://lists.mathias-kettner.de/pipermail/omd-users/attachments/20161206/5ba65ee3/attachment.sig>

More information about the omd-users mailing list