Highlighted

Dispatcher flush not working when SSL is configured for Dispatcher and publisher still with HTTP

timmy-mathew

17-01-2018

Hi Everyone,

            Recently for one of our projects I configured the dispatcher with SSL configuration. It works fine we are able to access all the pages through dispatcher via https. We have configured to redirect all the http request to https like in the configuration shown below. But with this the only problem we are facing is with the replication agent. The replication agent is not working now. We want SSL only on the dispatcher and not on author and publisher. Please suggest what's wrong here or how can we fix it. Thanks in advance.

Vhost config below

<VirtualHost *:80>

ServerName www.xyz.com

ServerAlias prod.xyz.com

Header set Host "www.xyz.com"

DocumentRoot /opt/aem/cache/content/xyz-com

Redirect    /    https://prod.xyz.com/

</VirtualHost>

<VirtualHost *:443>

ServerName www.xyz.com

ServerAlias prod.xyz.com

.....

.....

</VirtualHost>

Replication Agent Test Connection Log

17.01.2018 16:21:07 - Create new HttpClient for Dispatcher Flush

17.01.2018 16:21:07 - * HTTP Version: 1.1

17.01.2018 16:21:07 - adding header: CQ-Action:Test

17.01.2018 16:21:07 - adding header: CQ-Handle:/content

17.01.2018 16:21:07 - adding header: CQ-Path:/content

17.01.2018 16:21:07 - deserialize content for delivery

17.01.2018 16:21:07 - No message body: Content ReplicationContent.VOID is empty

17.01.2018 16:21:07 - Sending GET request to http://10.0.0.1:80/invalidation/invalidation_only.any

17.01.2018 16:21:07 - sent. Response: 302 Found

17.01.2018 16:21:07 - Replication (TEST) of /content not successful. Conversation follows

17.01.2018 16:21:07 - ------------------------------------------------

17.01.2018 16:21:07 - Sending message to someip:80

17.01.2018 16:21:07 - >> GET /invalidation/invalidation_only.any HTTP/1.0

17.01.2018 16:21:07 - >> CQ-Action: Test

17.01.2018 16:21:07 - >> CQ-Handle: /content

17.01.2018 16:21:07 - >> CQ-Path: /content

17.01.2018 16:21:07 - >> Referer: about:blank

17.01.2018 16:21:07 - >> Content-Length: 0

17.01.2018 16:21:07 - >> Content-Type: application/octet-stream

17.01.2018 16:21:07 - --

17.01.2018 16:21:07 - << HTTP/1.1 302 Found

17.01.2018 16:21:07 - << Date: Wed, 17 Jan 2018 15:25:19 GMT

17.01.2018 16:21:07 - << Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips Communique/4.2.1

17.01.2018 16:21:07 - << Location: https://prod.xyz.com/invalidation/invalidation_only.any

17.01.2018 16:21:07 - << Content-Length: 241

17.01.2018 16:21:07 - << Content-Type: text/html; charset=iso-8859-1

17.01.2018 16:21:07 - <<

17.01.2018 16:21:07 - << <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">

17.01.2018 16:21:07 - << <html><head>

17.01.2018 16:21:07 - << <title>302 Found</title>

17.01.2018 16:21:07 - << </head><body>

17.01.2018 16:21:07 - << <h1>Found</h1>

17.01.2018 16:21:07 - << <p>The document has moved <a href="https://prod.xyz.com/invalidation/invalidation_only.any">here</a>.</p>

17.01.2018 16:21:07 - << </body></html>

17.01.2018 16:21:07 - Message sent.

17.01.2018 16:21:07 - ------------------------------------------------

17.01.2018 16:21:07 - Replication (TEST) of /content not successful.

Replies

Highlighted

timmy-mathew

18-01-2018

Well I got it fixed. In the port 80 I was missing the <Directory> directive so it missed permissions. After adding that it worked fine for me. Just to mention I already had <Directive> in the 443 virtual host as well but since this request was specifically on port 80 so it required to have the directive there as well also with a small Rewrite rule.

RewriteEngine On

RewriteCond %{HTTPS} =off

RewriteCond %{REQUEST_URI} !/invalidation(.*)$

RewriteRule .* https://prod.xyz.com%{REQUEST_URI}

So, if the request is http and matches invalidation request then it would pass it as http and for rest all it will redirect as https.