Hi This is a mildly irritating issue I'd like to resolve. When Uyuni generates emails like this: Uyuni has determined that the following advisory is applicable to one or more of the systems you have registered: Complete information about this patch can be found at the following location: http://hostname_redacted.com/rhn/errata/details/Details.do?eid=1824 ... If I click on that link, it takes me to Uyuni's login page at http:/... /rhn/manager/login?url_bounce=%2Frhn%2Ferrata%2Fdetails%2FDetails.do%3Feid%3D1824&request_method=GET No matter what I enter, I get bounced back. If I manually replace the emailed url with https, everything works as expected. Notes: 1. https is enabled throughout. 2. I assume that the http -> https redirection is not handling that transition well. 3. I assume that I can somewhere change the URLs supplied used in these emails to https. This would allow emails to work without redirection. However - I have not been able to locate anywhere in the webui or /etc configuration that allow me to change this. I've not been able to locate it in Uyuni's documentation (although it is an awful thing to search for) Can somebody please give me a pointer as to where I can change this, please?
On 17/11/2020 10.08, Simon Avery wrote:
If I click on that link, it takes me to Uyuni’s login page at http:/… /rhn/manager/login?url_bounce=%2Frhn%2Ferrata%2Fdetails%2FDetails.do%3Feid%3D1824&request_method=GET
Does it help if you add: ssl_available = 1 to /etc/rhn/rhn.conf and restart all services? IIUC that should produce an https:// URL. HTH Regards, -- Silvio Moioli SUSE Manager Development Team
Hi Silvio, There's no ssl_available setting in there, but there is a db.ssl_available web.ssl_available The latter was on 0, so I've changed that to 1 and restarted Uyuni. That has changed the behaviour - if I follow one of the old http://... rhn/errata/details/Details.do?eid=1836 email links it no longer goes into an authentication loop, but instead displays a "Page Request Error" in the main pane. I won't know if that's fixed the root problem of the auto generated email providing http instead of https links until I next get one - but it does seem to be on the right track. Thanks -----Original Message----- From: Silvio Moioli <moio@suse.de> Sent: 17 November 2020 09:36 To: users@lists.uyuni-project.org Subject: [EXTERNAL EMAIL] Re: http to https in generated emails? On 17/11/2020 10.08, Simon Avery wrote:
If I click on that link, it takes me to Uyuni’s login page at http:/… /rhn/manager/login?url_bounce=%2Frhn%2Ferrata%2Fdetails%2FDetails.do%3 Feid%3D1824&request_method=GET
Does it help if you add: ssl_available = 1 to /etc/rhn/rhn.conf and restart all services? IIUC that should produce an https:// URL. HTH Regards, -- Silvio Moioli SUSE Manager Development Team _______________________________________________ Uyuni Users mailing list -- users@lists.uyuni-project.org To unsubscribe, email users-leave@lists.uyuni-project.org List Netiquette: https://en.opensuse.org/openSUSE:Mailing_list_netiquette List Archives: https://lists.opensuse.org/archives/list/users@lists.uyuni-project.org
As a follow up - now had some more notifications and they are using https:// in the string, so seeing web.ssl_available =1 was the answer. A little surprised this isn't enabled by default in these days of https-everywhere - perhaps something to be considered by the team? Thanks to Silvio. -----Original Message----- From: Simon Avery Sent: 17 November 2020 09:54 To: 'Silvio Moioli' <moio@suse.de>; users@lists.uyuni-project.org Subject: RE: [EXTERNAL EMAIL] Re: http to https in generated emails? Hi Silvio, There's no ssl_available setting in there, but there is a db.ssl_available web.ssl_available The latter was on 0, so I've changed that to 1 and restarted Uyuni. That has changed the behaviour - if I follow one of the old http://... rhn/errata/details/Details.do?eid=1836 email links it no longer goes into an authentication loop, but instead displays a "Page Request Error" in the main pane. I won't know if that's fixed the root problem of the auto generated email providing http instead of https links until I next get one - but it does seem to be on the right track. Thanks -----Original Message----- From: Silvio Moioli <moio@suse.de> Sent: 17 November 2020 09:36 To: users@lists.uyuni-project.org Subject: [EXTERNAL EMAIL] Re: http to https in generated emails? On 17/11/2020 10.08, Simon Avery wrote:
If I click on that link, it takes me to Uyuni’s login page at http:/… /rhn/manager/login?url_bounce=%2Frhn%2Ferrata%2Fdetails%2FDetails.do%3 Feid%3D1824&request_method=GET
Does it help if you add: ssl_available = 1 to /etc/rhn/rhn.conf and restart all services? IIUC that should produce an https:// URL. HTH Regards, -- Silvio Moioli SUSE Manager Development Team _______________________________________________ Uyuni Users mailing list -- users@lists.uyuni-project.org To unsubscribe, email users-leave@lists.uyuni-project.org List Netiquette: https://en.opensuse.org/openSUSE:Mailing_list_netiquette List Archives: https://lists.opensuse.org/archives/list/users@lists.uyuni-project.org
Mine seems to have these e-mails sent out with https links by default. -- Allen Beddingfield Systems Engineer Office of Information Technology The University of Alabama Office 205-348-2251 allen@ua.edu ________________________________________ From: Simon Avery <Simon.Avery@atass-sports.co.uk> Sent: Tuesday, November 17, 2020 7:34 AM To: Silvio Moioli; users@lists.uyuni-project.org Subject: [EXTERNAL] RE: [EXTERNAL EMAIL] Re: http to https in generated emails? As a follow up - now had some more notifications and they are using https:// in the string, so seeing web.ssl_available =1 was the answer. A little surprised this isn't enabled by default in these days of https-everywhere - perhaps something to be considered by the team? Thanks to Silvio. -----Original Message----- From: Simon Avery Sent: 17 November 2020 09:54 To: 'Silvio Moioli' <moio@suse.de>; users@lists.uyuni-project.org Subject: RE: [EXTERNAL EMAIL] Re: http to https in generated emails? Hi Silvio, There's no ssl_available setting in there, but there is a db.ssl_available web.ssl_available The latter was on 0, so I've changed that to 1 and restarted Uyuni. That has changed the behaviour - if I follow one of the old http://... rhn/errata/details/Details.do?eid=1836 email links it no longer goes into an authentication loop, but instead displays a "Page Request Error" in the main pane. I won't know if that's fixed the root problem of the auto generated email providing http instead of https links until I next get one - but it does seem to be on the right track. Thanks -----Original Message----- From: Silvio Moioli <moio@suse.de> Sent: 17 November 2020 09:36 To: users@lists.uyuni-project.org Subject: [EXTERNAL EMAIL] Re: http to https in generated emails? On 17/11/2020 10.08, Simon Avery wrote:
If I click on that link, it takes me to Uyuni’s login page at http:/… /rhn/manager/login?url_bounce=%2Frhn%2Ferrata%2Fdetails%2FDetails.do%3 Feid%3D1824&request_method=GET
Does it help if you add: ssl_available = 1 to /etc/rhn/rhn.conf and restart all services? IIUC that should produce an https:// URL. HTH Regards, -- Silvio Moioli SUSE Manager Development Team _______________________________________________ Uyuni Users mailing list -- users@lists.uyuni-project.org To unsubscribe, email users-leave@lists.uyuni-project.org List Netiquette: https://en.opensuse.org/openSUSE:Mailing_list_netiquette List Archives: https://lists.opensuse.org/archives/list/users@lists.uyuni-project.org _______________________________________________ Uyuni Users mailing list -- users@lists.uyuni-project.org To unsubscribe, email users-leave@lists.uyuni-project.org List Netiquette: https://en.opensuse.org/openSUSE:Mailing_list_netiquette List Archives: https://lists.opensuse.org/archives/list/users@lists.uyuni-project.org
On 17/11/2020 14.34, Simon Avery wrote:
A little surprised this isn't enabled by default in these days of https-everywhere - perhaps something to be considered by the team?
Right, https://github.com/uyuni-project/uyuni/pull/2867 Regards, -- Silvio Moioli SUSE Manager Development Team
participants (3)
-
Beddingfield, Allen -
Silvio Moioli -
Simon Avery