Bug 40173

Summary: Redirect from http://$SERVER/server-status to https does not work
Product: UCS Reporter: Nico Gulden <gulden>
Component: SSLAssignee: Florian Best <best>
Status: CLOSED FIXED QA Contact: Daniel Tröder <troeder>
Severity: normal    
Priority: P5 CC: best, gohmann, walkenhorst
Version: UCS 4.0   
Target Milestone: UCS 4.1-0-errata   
Hardware: Other   
OS: Linux   
See Also: https://forge.univention.org/bugzilla/show_bug.cgi?id=40121
What kind of report is it?: --- What type of bug is this?: ---
Who will be affected by this bug?: --- How will those affected feel about the bug?: ---
User Pain: Enterprise Customer affected?:
School Customer affected?: ISV affected?:
Waiting Support: Flags outvoted (downgraded) after PO Review:
Ticket number: Bug group (optional):
Max CVSS v3 score:

Description Nico Gulden univentionstaff 2015-12-04 10:04:34 CET 
Reported with Ticket#2015120221000246

Since UCS 4.0-3 HTTPS can be enforced on UCS:
ucr set apache2/force_https=true

Side effect: Munin plugins or direct calls to http://$SERVER/server-status receive a HTTP-302. The plugins cannot deal with the redirect.

The user suggests to change the /etc/univention/templates/files/etc/apache2/mods-available/ssl.conf template and add a check that does not enforce SSL if the URL includes /server-status.

A suggested patch is attached to the above mentioned ticket.
Comment 1 Florian Best univentionstaff 2015-12-09 18:17:28 CET 
Should be fixed together with the patch at Bug #40121.
Comment 2 Florian Best univentionstaff 2016-01-04 13:51:06 CET 
univention-apache (8.0.1-3):
r66559 | Bug #40121: Bug #40173: fix HTTP status when redirecting to HTTPS

univention-apache.yaml:
r66562 | YAML Bug #40121 Bug #40173
Comment 3 Daniel Tröder univentionstaff 2016-01-12 12:47:21 CET 
OK: Code
OK: advisory
OK: manual test:
# ucr set apache2/force_https=true
# wget --no-check-certificate http://10.200.3.22/server-status
--2016-01-12 12:38:37--  http://10.200.3.22/server-status
Verbindungsaufbau zu 10.200.3.22:80... verbunden.
HTTP-Anforderung gesendet, warte auf Antwort... 200 OK

→ not redirected
Comment 4 Janek Walkenhorst univentionstaff 2016-01-13 13:10:49 CET 
<http://errata.software-univention.de/ucs/4.1/48.html>