Hi,
i use Univention Corporate Server for my Webapps. Rocketchat is one App in my Case.
Univention uses Proxypass.
<IfModule mod_ssl.c>
<VirtualHost *:443>
IncludeOptional /etc/apache2/ucs-sites.conf.d/*.conf
SSLEngine on
SSLProxyEngine on
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off
SSLCertificateFile /etc/letsencrypt/live/server.domain.tld/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/server.domain.tld/privkey.pem
SSLCACertificateFile /etc/univention/ssl/ucsCA/CAcert.pem
#SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
### To enable special log format for HTTPS-access
# LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\" %p" combinedssl
# CustomLog /var/log/apache2/access.log combinedssl ## with port number
ProxyPass /rocketchat/ http://127.0.0.1:40004/rocketchat/ retry=0
ProxyPassReverse /rocketchat/ http://127.0.0.1:40004/rocketchat/
Infront of my Server i use a Nginx Reverse Proxy
upstream rocketchat {
server 10.0.0.16:443;
}
server {
listen 443 ssl;
listen [::]:443;
ssl_certificate /etc/letsencrypt/live/central.c-lab.one/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/central.c-lab.one/privkey.pem;
ssl on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
client_max_body_size 20000m;
access_log /var/log/nginx/chat-access.log adv;
error_log /var/log/nginx/chat-error.log notice;
location ^~ /.well-known { root /var/www/letsencrypt; }
location ~ / {
proxy_pass https://rocketchat;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $server_name;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forward-Proto http;
proxy_set_header X-Nginx-Proxy true;
proxy_redirect off;
}
}
My Problem:
I can login with Webbrowser and Rocketchat Computer App. I cant login with mobile App android 4.0.2.
Any idea, how i can solve it? is something wrong?
If you need any information, please tell me