[Mailman-Users] Mailman 2.1.X and HTTPS
Richard at Damon-Family.org
Thu Jul 26 07:48:33 EDT 2018
On 7/26/18 7:26 AM, Jayson Smith wrote:
> I'm currently using 2.1.26. Recently I had LetsEncrypt add lines to my
> Apache configuration to redirect browsers from HTTP to HTTPS URLs.
> This morning I found that this doesn't seem to work well with Mailman
> database admin pages, I couldn't get Mailman to reject a held message
> until I commented out those Apache config lines. Is there a way to
> make Mailman work using HTTPS?
> My reason for the redirect is that I'd heard that browsers, in
> particular Chrome, are going to start warning about insecure sites.
> Does this mean if any URL begins with HTTP people will have to click
> through warnings, or is just the fact that HTTPS is available good
> enough, even if the user or link didn't specify HTTPS?
The issue is probably that the links still point to the http version,
which is redirecting to the https and losing the form data. You need to
change the config variable that gives the base page for the admin pages
to point to the https version. (Someone more familiar with the details
will need to provide those if my rough description isn't good enough).
More information about the Mailman-Users