Forum Stats

  • 3,853,021 Users
  • 2,264,165 Discussions
  • 7,905,194 Comments

Discussions

Webgate is not returning HTTPS

Filip Huysmans
Filip Huysmans Member Posts: 300 Bronze Badge
edited May 22, 2013 4:16AM in Identity Manager
Hello everyone,

Environment:
OAM: 11.1.2.0
WebTier: 11 Patch 6

We have our webtier (HTTP_Server), which contains the webgate component, running on port 8888 on protocol HTTP.
When we access this webtier directly everything, all redirections and logins, are working fine.

Now we need to change the entry point, to allow the user to come-in through a different apache server. This one is running in SSL-mode. So the user needs to access our system through https://<front_end_server_name>/<our application name>.

While all our urls are now in https, there is 1 that isn't. Be aware, the HTTP_Server with the webgate component is still running in HTTP-mode, it is only this front-end apache server that is running in SSL-mode.

After we commit our form (auth_cred_submit), we see the location in the response headers of this page pointing to : http://<front_end_server_name>/obrar.cgi
You can see that the correct servername and port are being used, namely the one of the front-end apache server, but the wrong protocol. The url is created with the protocol of the HTTP_Server where the webgate is running on and not the one of the front-end apache.

How can we fix this problem so that the url is generated with the HTTPS-protocol ?

Thank you in advance.

Filip Huysmans
Tagged:

Answers

  • Filip Huysmans
    Filip Huysmans Member Posts: 300 Bronze Badge
    Hello everyone,

    I've found a way to replace the http-location into https-location.
    Just add the following lines at the end of your httpd.conf file of the apache running the webgate component:
    #Change the HTTP traffic to HTTPS
    Header edit Location ^http:// https://
    While this seems to resolve my issue, I do not believe that this is the way to go.

    So, if someone has a better solution, and I think any other solution will be better, please let me know.

    Thank you in advance.

    Filip
  • Filip Huysmans
    Filip Huysmans Member Posts: 300 Bronze Badge
  • You would need to take a look at "ProxySSLHeaderVar" user defined parameter in webgate definition and its implementation

    http://docs.oracle.com/cd/E15217_01/doc.1014/e12488/v2access.htm#CIHJBCFF

    1. Add "ProxySSLHeaderVar" user defined parameter in webgate definition
    For example: "ProxySSLHeaderVar" - "sslstate" Name-Value pair
    2. In SSL enabled apache set header as "sslstate" and its value as "ssl" via mod_header directive in httpd.conf
    3. Make sure http_sslstate header is getting passed with value of ssl to webgate enabled apache server

    Regards
    Aakash
This discussion has been closed.