[BUG] DA on SSL but phpMyAdmin not on SSL

gunemalli (Verified User; joined Jul 22, 2009; 86 messages; Sheffield, UK)

Hi there,

I don't know whether someone has already told this before, but I encountered this issue yesterday when I accessed the phpMyAdmin console.

I have set up my DA installation to use SSL and SSL redirect to my hostname. Everything is working well in all the places I used. But when I clicked, the phpMyAdmin link points to nonsecure http.

I just double checked it and the link points to http and not to https. And if I manually type in https it works like a charm.

I think this could be an issue with the theme (I'm using the default enhanced skin).

Hope someone could make a fix to this.

Regards,
Gayan
 
It's not a bug; there is no reason it would be linked as SSL. You would have to edit the skin to have it be an SSL link.
 
Use a .htaccess to redirect to the https link.
 
No need to big things. The DA team have forgotten to do something in their skin.

So all you guys and girls just open up the relevant skin files and replace all http with |HTTP|

Then DA would automatically replace with http or https
 
Hello,

We've intentionally set the skins to use http:// for apache scripts.
We did use to have |HTTP| for them, but when SSL=1 was used in DA, it caused issues.

The problem is that when the same hostname is used with ssl, most browsers make false assumptions about ports. What they do is assume since the host is the same, they can use the same cert/key pair, even though they're no longer using 2222, and using 443 instead. What ends up happening is that the 2222 key is passed to 443 for apache. Apache says "what is that? I didn't send it to you" and you end up with an SSL protocol error, ending up in a blank page. Once you hit F5 to reload the page, then your apache/php page will show up fine, but it requires the reload each time (very annoying). Even if the same cert/key are used in DA and apache, there are significant protocol differences that break it. This is why we took out |HTTP| and forced all links to apache script to use http.

Some workarounds would be to use a different hostname value for the php scripts, but there will always be that one case where the user accesses DA with the same value and will hit the error. Even with a popup window, the error occurs. So no, we didn't forget anything, we did it on purpose.

John
 
Ah, now I see why this was done. I didn't look at the past bulletins and I am sorry if I accused you guys (which was unintentional). I will check on this then.

Thanks for updating this thread.
 
[..] The problem is that when the same hostname is used with ssl, most browsers make false assumptions about ports. What they do is assume since the host is the same, they can use the same cert/key pair, even though they're no longer using 2222, and using 443 instead. What ends up happening is that the 2222 key is passed to 443 for apache. Apache says "what is that? I didn't send it to you" and you end up with an SSL protocol error, ending up in a blank page. Once you hit F5 to reload the page, then your apache/php page will show up fine, but it requires the reload each time (very annoying). Even if the same cert/key are used in DA and apache, there are significant protocol differences that break it. This is why we took out |HTTP| and forced all links to apache script to use http.

This problem seems to be solved now? I added my RapidSSL certificate to

/etc/httpd/conf/ssl.crt/server.crt
/etc/httpd/conf/ssl.key/server.key

And both phpmyadmin and roundcube webmail work with a valid SSL certificate on https in all browsers I have tested. I tested both Firefox, Opera, Chrome, and IE8 -- I did not have to refresh the pages, they were displaying a valid SSL certificate at the first page load.

I am using newest DA, and CentOS 5.5 64bit

I will change the enhanced skin to use https for roundcube and phpmyadmin. Maybe you will change this in the official version also?
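
One way to audit a skin for the hard-coded http:// links discussed in this thread and switch them to https, as an added example (not DirectAdmin's code and not written by any poster). The /phpMyAdmin and /roundcube path names, the hostname and the sample markup are constructed assumptions.

```python
import re

# Assumed first path segments of the Apache-served tools named in the thread.
APACHE_TOOLS = ("phpmyadmin", "roundcube")

# Matches href/action attributes that carry an absolute http:// URL.
LINK_RE = re.compile(
    r"""(?P<attr>\b(?:href|action)\s*=\s*["'])http://(?P<host>[^/"'\s]+)(?P<path>/[^"'\s>]*)""",
    re.IGNORECASE,
)


def _targets_tool(path):
    """True if the first path segment is one of the listed tools."""
    first = re.split(r"[/?#]", path.lstrip("/"), maxsplit=1)[0]
    return first.lower() in APACHE_TOOLS


def find_plain_links(skin_text):
    """Return (line_number, url) for every http:// link to a listed tool."""
    hits = []
    for n, line in enumerate(skin_text.splitlines(), 1):
        for m in LINK_RE.finditer(line):
            if _targets_tool(m["path"]):
                hits.append((n, "http://" + m["host"] + m["path"]))
    return hits


def force_https(skin_text):
    """Rewrite only the tool links to https; every other link is left alone."""
    def repl(m):
        if not _targets_tool(m["path"]):
            return m.group(0)
        return m["attr"] + "https://" + m["host"] + m["path"]
    return LINK_RE.sub(repl, skin_text)


# Constructed sample markup, not taken from a real skin file.
SAMPLE = "\n".join([
    '<a href="http://server.example.com/phpMyAdmin/">phpMyAdmin</a>',
    '<a href="http://server.example.com/roundcube/">Webmail</a>',
    '<a href="http://www.example.org/docs">Docs</a>',
    '<a href="https://server.example.com/phpMyAdmin/">already https</a>',
])

if __name__ == "__main__":
    for lineno, url in find_plain_links(SAMPLE):
        print(f"line {lineno}: {url}")
    print(force_https(SAMPLE))
```

Run it on a copy of the skin and load the rewritten links in each browser you support before deploying, since the thread reports that https links to Apache scripts once failed on first load.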
 
Thanks for the solution - it has certainly helped me too!