Page 1 of 3

HTTPS Howto?

Posted: 30 Apr 2013, 06:24
by graymattr
Just wondering if anyone could point me to, or write up a way to implement SSL (HTTPS) for a tt-rss instance? I gave it a go today, but found that I was getting errors (tracebacks when accessing preferences, etc). I've not set up SSL previously, so I could use a walkthrough if someone would be kind enough to direct me to one.

Just to be clear, I read through the SSL certificate page in the wiki, but I am looking to get a CA signed SSL cert (rather than a self signed one) to encrypt my connection to my tt-rss instance.

Cheers!

Re: HTTPS Howto?

Posted: 30 Apr 2013, 06:51
by AngryChris
Based on the description of your problem I have question. Do you have https:// correctly configured in your config.php under:

Code: Select all

   define('SELF_URL_PATH', 'http://yourserver/tt-rss/');
   // Full URL of your tt-rss installation. This should be set to the
   // location of tt-rss directory, e.g. http://yourserver/tt-rss/
   // You need to set this option correctly otherwise several features
   // including PUSH, bookmarklets and browser integration will not work properly.

?

Re: HTTPS Howto?

Posted: 30 Apr 2013, 08:01
by gbcox
There is a very good tutorial here. It is Fedora and Nginx (which I recommend, btw) specific, but should help you out even if you aren't using either...
https://getpantheon.atlassian.net/wiki/ ... y+Tiny+RSS

Re: HTTPS Howto?

Posted: 30 Apr 2013, 13:07
by jakob42
There isn't a good way to help you without more info. Google a SSL howto for your distro and your webserver and then change the url as AngryChris said. There is nothing more you need to do. On the topic of SSL certificate, http://www.startssl.com/ worked fine for my personal tt-rss instance.

Re: HTTPS Howto?

Posted: 30 Apr 2013, 13:22
by fox
Moving to support because there's no KB material here. Also, "plz halp I can't setup mah server https" sounds like offtopic to me.

Re: HTTPS Howto?

Posted: 30 Apr 2013, 16:06
by jmozmoz
I found this for openshift: https://www.openshift.com/kb/kb-e1044-h ... c-to-https

Add this to your .htaccess file:

Code: Select all

RewriteEngine on 

RewriteCond %{HTTP:X-Forwarded-Proto} !https 
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [R,L] 

Re: HTTPS Howto?

Posted: 30 Apr 2013, 21:46
by graymattr
Thanks for the tips. I'll do some reading, and check my config.

Re: HTTPS Howto?

Posted: 01 May 2013, 06:59
by jchristi
great tip jmozmoz!

Re: HTTPS Howto?

Posted: 01 May 2013, 21:20
by justauser
Here is a link on how to create self-signed certificates for lighttpd:

http://www.cyberciti.biz/tips/howto-lighttpd-create-self-signed-ssl-certificates.html

Re: HTTPS Howto?

Posted: 02 May 2013, 01:24
by graymattr
I'm still getting some brokenness on the https:// site. Occasionally when I load it, I see a red exclamation point in the top right corner. I can sometimes reload to clear that, but no matter what, when I navigate to preferences, I see:


Code: Select all

SyntaxError: Unexpected end of input
    at Object.parse (native)
    at backend_sanity_check_callback (https://www.mysite.com/prefs.php:170:16)
    at Ajax.Request.onComplete (https://www.mysite.com/prefs.php:317:1304)
    at klass.Ajax.Request.Class.create.respondToReadyState (https://www.mysite.com/lib/prototype.js?1365063697:1617:62)
    at klass.Ajax.Request.Class.create.onStateChange (https://www.mysite.com/lib/prototype.js?1365063697:1547:12)
    at XMLHttpRequest.<anonymous> (https://www.mysite.com/lib/prototype.js?1365063697:393:23)


My apache log is as follows:

Code: Select all

[Thu May 02 06:04:49 2013] [error] [client x.x.x.x] PHP Parse error:  syntax error, unexpected '(' in /home/user/public_html/mysite.com/public.php on line 2, referer: https://www.mysite.com/index.php
[Thu May 02 06:04:50 2013] [notice] child pid 909 exit signal Segmentation fault (11)
[Thu May 02 06:04:50 2013] [notice] child pid 915 exit signal Segmentation fault (11)
[Thu May 02 06:04:52 2013] [error] [client xx.xx.xx.xxx] PHP Parse error:  syntax error, unexpected ';' in /home/user/public_html/mysite.com/public.php on line 3, referer: https://www.mysite.com/index.php
[Thu May 02 06:04:53 2013] [notice] child pid 30767 exit signal Segmentation fault (11)
[Thu May 02 06:04:54 2013] [error] [client x.x.x.x] PHP Warning:  array_key_exists() expects parameter 2 to be array, null given in /home/user/public_html/mysite.com/lib/gettext/streams.php on line 73, referer: https://www.mysite.com/index.php
[Thu May 02 06:04:54 2013] [error] [client x.x.x.x] PHP Warning:  array_key_exists() expects parameter 2 to be array, null given in /home/user/public_html/mysite.com/lib/gettext/streams.php on line 73, referer: https://www.mysite.com/index.php
[Thu May 02 06:04:54 2013] [error] [client x.x.x.x] PHP Fatal error:  Class declarations may not be nested in /home/user/public_html/mysite.com/lib/pubsubhubbub/publisher.php on line 8, referer: https://www.mysite.com/index.php
[Thu May 02 06:04:54 2013] [error] [client x.x.x.x] PHP Parse error:  syntax error, unexpected T_PROTECTED, expecting '(' in Unknown on line 0, referer: https://www.mysite.com/index.php
[Thu May 02 06:04:55 2013] [notice] child pid 918 exit signal Segmentation fault (11)
zend_mm_heap corrupted
zend_mm_heap corrupted


I did some searching, but have come up empty. Any direction helps. Thanks!

Re: HTTPS Howto?

Posted: 02 May 2013, 12:21
by xtaz
That looks horribly broken. Your PHP interpreter is actually crashing and the PHP errors look like the files are corrupted or something. You sure you don't have any hardware or filesystem corruption issues on the server itself?

Re: HTTPS Howto?

Posted: 02 May 2013, 18:55
by graymattr
Not that I'm aware of, no. There's another wordpress site running on this server, which seems to work fine. It's odd too that if I dont connect over port 443, I dont see any of these errors.

Perhaps it is time for a reinstall of tt-rss...

Re: HTTPS Howto?

Posted: 02 May 2013, 22:37
by graymattr
Super odd. By loading the https:// site, I can trigger these apache errors every time. If I use port 80, no errors at all, even after long periods. I even reinstalled tt-rss and cleaned up my config.php (extra tabs) and themes (extra whitespace/tabs).

Is it possible something in my sites-available is to blame? Is there the apache default suitable for tt-rss?

Re: HTTPS Howto?

Posted: 03 May 2013, 08:38
by sleeper_service
graymattr wrote:Super odd. By loading the https:// site, I can trigger these apache errors every time. If I use port 80, no errors at all, even after long periods. I even reinstalled tt-rss and cleaned up my config.php (extra tabs) and themes (extra whitespace/tabs).

Is it possible something in my sites-available is to blame? Is there the apache default suitable for tt-rss?


I set up https on my apache (2.2) the other day, no problem at all. I set up https, no errors, just added ssl.conf to the conf dirs, and configured it, created keys, and it works.

Re: HTTPS Howto?

Posted: 03 May 2013, 10:47
by Athanasius
Try googling that "Segmentation fault" error and you quickly end up at http://stackoverflow.com/questions/7745 ... e-error-lo which has a few suggestions on how to proceed.

Depending on your server configuration this could be as 'simple' as needing to tweak some memory limits. I don't know how defensively PHP is coded against memory exhaustion.