Forcing SSL with Plone across Apache proxy

fvm2000 · April 11, 2016, 3:47pm

Hi there!

We have a small Plone (v3.1.7) site that runs on a server inside our network. Access to this site from the outside is permitted through an Apache server.

Currently, traffic comes in through the proxy server on port :80 (http). We'd like to change that to force all traffic to go through port :443 (https).

I looked at the excellent article https://plone.org/documentation/kb-old/apache-ssl , however, it was written with the scenario that Plone and Apache are both running on the same server.

Has anyone here gone through this process ?

ebrehault · April 11, 2016, 4:03pm

You can apply the very same solutions described in this article, just replace localhost with your Plone server IP (192.168.0.10 or whatever).

fvm2000 · April 11, 2016, 8:13pm

I tried that. Doesn't seem to work. It rewrites the URL as https but doesn't load the Plone pages. I just get my catch-all "server down" page.

smcmahon · April 11, 2016, 10:26pm

Does your firewall on the Plone server allow connections from your bastion server?

fvm2000 · April 11, 2016, 11:28pm

Yes. I also tried with the firewall turned off...

As a side note, the other folders off the root that are hosted on the Apache host are properly rewritten to :443. So my ssl config is ok. As are the rewrite rules for other folders...