3 Replies Latest reply on Feb 14, 2004 5:10 PM by Viet

    SSL with Nukes?

    mcscottmc Newbie

      Hi,
      We are trying to use SSL with Nukes and are seeing some weird results. If I type in https://localhost/ then my Nukes site comes up but there is no "lock" icon in my browser, and all links are http://localhost:443/mylink.html. Notice that the protocol of the links is http, not https. Clicking on the links causes erratic behaviour such as style sheets not being applied, missing resources like images, and, in the case of redirection, weird binary being downloaded instead of the page. Of course, all of the things I listed above only happen sometimes in an unpredicatable manner.

      My SSL is properly configured with JBoss/Tomcat. If I hit the jmx-console or another webapp that I have deployed, they both work fine giving me the "lock" and all links are for https://.

      So the question is, does Nukes do something really weird to maul the protocol/url? I figure Nukes must be the one prepending all links with http:// and post pending the host with :443. This is definitely a problem. I am no SSL expert so any help would be greatly appreciated.

      -Scott

        • 1. Re: SSL with Nukes?
          Viet Master

          I never tried it so far and I am not an SSL expert as well. If someone has experience here that would be cool to looki into that problem

          • 2. Re: SSL with Nukes?
            mcscottmc Newbie

            OK,
            I found the problem and I have a fix. The problem was in org.jboss.nukes.util.Tools.computeServerBase(String, int String). The code was hardcoding "http://" into every base URL. I updated my local copy to also take in a scheme:

             public static String computeServerBase(String scheme, String serverName, int port, String context)
             {
             StringBuffer base = new StringBuffer(scheme).append("://").append(serverName);
             if (port != 80)
             {
             base.append(':').append(port);
             }
             base.append(context);
             return base.toString();
             }
            


            I also edited ThemeSupport and BBModule to now pass in page.getScheme() as the first parameter. SSL works now. You might want to update this in the CVS.

            -Scott

            • 3. Re: SSL with Nukes?
              Viet Master

              I will, just send me an email as reminder please