Description of problem: SSL environment variables are not accessable in mod_rewrite rules. Version-Release number of selected component (if applicable): httpd-2.0.46-32.ent mod_ssl-2.0.46-32.ent How reproducible: 100% Steps to Reproduce: 1. edit httpd.conf as per attached diff. 2. edit /etc/httpd/conf.d/ssl.conf as per attached diff. 3. service httpd restart 4. try accessing http://your-server.com/ Actual results: firefox (and any other browser you point) gets stuck in an infinite redirect because the variable is never getting set. Expected results: you should simply end up at https://your-server.com/ Additional info: this rewrite rule *should* work as per the httpd.conf snippet at: http://httpd.apache.org/docs-2.0/ssl/ssl_howto.html#intranet i've tried using HTTPS, SSL:HTTPS, SSL_HTTPS and ENV:HTTPS as variables to test to see if HTTPS is being used for the connection and all produce the recursive redirect problem. there is a relavent thread on the apache development list: http://www.mail-archive.com/dev@httpd.apache.org/msg19881.html i wasn't sure if they were suggesting that all of the above methods i've tried are currently broken, or if the SSL:XXX version should work and the others don't. either way, it seems this is a big problem with redhat's shipped version of apache.
Created attachment 99127 [details] patch for httpd.conf
Created attachment 99128 [details] patch for ssl.conf
Thanks for the report. The configuration which does currently work is: RewriteCond %{LA-U:ENV:HTTPS} !=on For a future update we are planning to restore support for %{HTTPS} and add support for the new fast %{SSL:...} variable lookup.
As above, for the next mod_rewrite has been extended to support: RewriteCond %{SSL:...} ... for direct SSL variable lookup, along with restored support for %{HTTPS}. "SSLOptions +StdEnvVars" is not required for these expansions to work. Test packages are available at: http://people.redhat.com/jorton/Taroon-httpd/
Fix confirmed with httpd-2.0.46-32.ent. Closing out.
An errata has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2004-349.html