On Mon, Jan 18, 2016 at 1:55 AM, Brendan Kearney bpk678@gmail.com wrote:
i have 2 apache instances behind HAProxy, where HAProxy is running the HTTPS and load balancing to RCM in the clear. i have set the 'use_https' option to true, and it works in most cases. i have found an exception and i wanted to see if this has been fixed in more recent versions.
if i browse to https://host.domain.tld/roundcubemail (note https, with no trailing slash), i am redirected to http://host.domain.tld/roundcubemail/ (note not https, with trailing slash).
if i correct the http:// to https:// everything works and all pages are secured. it seems that only the redirect to the URI with the trailing slash is where this comes up.
The redirect from /roundcubemail to /roundcubemail/ is done by Apache and doesn't yet hit Roundcube and its use_https logic. Thus not a Roundcube issue and nothing we could fix on our side. You need to teach Apache to redirect to https.
~Thomas