Hi guys,
I'm trying to set up Mattermost to work with Apache and I'm having a bit of trouble. Hoping someone has a solution for me...
We're installing Mattermost on a server that has other services running that require Apache and I don't want to install Nginx if I don't have to. I'm hoping Apache can work just as well with the right configuration.
Amongst other things, I have the following 3 lines in my 000-default.conf (VirtualHost for port 80):
<VirtualHost *:80>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
<VirtualHost>
We have done this so that any requests coming into port 80 automatically get converted to https (Port 443). We have the appropriate SSL keys in place and everything is working well.
What I want to configure:
I would like that any request coming in for Mattermost should be redirected to the appropriate port required for Mattermost (Port 8065) using SSL so that we have secure Mattermost communication.
Challenges:
I don’t want my users to type the :8065 in the URL. That’s not really user friendly so on the main landing page at https:// www .mywebsite.com/ I can create a link that the user can click which will have the port 8065 in it - so something like this https:// www .mywebsite.com:8065/ would connect them to Mattermost. Or even better if they did something like this https:// www .mywebsite.com/mattermost and that would redirect them to the Mattermost chat and appropriate port over SSL.
Here is what I have attempted so far. I followed the configuration guide which I found here:
https:// github.com/mattermost/docs/pull/25/files
When I try to connect to the server using https:// www .mywebsite.com:8065/, the browser returns an error:
Firefox: SSL received a record that exceeded the maximum permissible length. Error code:
Firefox: SSL_ERROR_RX_RECORD_TOO_LONG
Chrome: ERR_SSL_PROTOCOL_ERROR
Record too long. Protocol Error. Hmm how do I make it shorter? And how long is too long? What's up with the protocol! Someone tell the IETF! Ok, after pulling out some hair, I'm calm.
So I look into it and I find that it is a reported error with Certificate providers like Komodo (which is where I bought the SSL we're using):
http:// forum.mattermost.org/t/ssl-error-rx-record-too-long/1419
So it’s recommended to use LetsEncrypt. Ok, so I installed Let’s Encrypt and I see that the browser is now using the Let’s Encrypt certificate but when I go to https:// www .mywebsite.com:8065/ I get the same SSL_ERROR_RX_RECORD_TOO_LONG.
But when I go to http:// www .mywebsite.com:8065 (i.e. without SSL) I’m able to get the Mattermost login page fine.
I just want the SSL. I don't want to forward ports or anything. How can I configure Apache to serve SSL on port 8065?
Dumped cookies and everything. Still the same result.
How can I achieve these objectives? I hope what I'm asking is not an impossible situation.
Thanks!