Univention Bugzilla – Bug 47071
Apache does not pass HTTPS in the request header when mod_proxy proxies to HTTP
Last modified: 2018-06-13 14:06:46 CEST
As stated in bug 44921c2: > We will need a backport In this case, UCS 4.2 was meant. +++ This bug was initially created as a clone of Bug #44921 +++ The App Center allows to pass HTTPS requests to the container. Apache may use HTTP for that proxy connection. In this case the information that the connection once was HTTPS is not passed through. This may lead to redirects that explicitly tell the browser use HTTP. We should use RequestHeader set "X-Forwarded-Proto" expr=%{REQUEST_SCHEME} RequestHeader set "X-Forwarded-SSL" expr=%{HTTPS} is out sites.
Fixed in univention-apache 9.0.5-14A~4.2.0.201805251140
OK - univention-apache X-Forwarded-Proto X-Forwarded-SSL OK - yaml
<http://errata.software-univention.de/ucs/4.2/419.html>