Seafile with https and apache

Hi,

I tried to follow the official instructions for setting up Seafile with https, but I failed: https : // manual . seafile . com/deploy/https_with_apache.html

Here is what I did:

  • Installed Seafile and successfully tested functionality using http on port 8000

  • Opened Port 8001 on my firewall and added port 8001 in ports.conf of apache

  • Added the following virtual host to the apache conf:
    <VirtualHost *:8001>
    ServerName myserver . mydomain . com
    DocumentRoot /var/www

      SSLEngine On
      SSLCertificateFile /opt/seafile/certificate/certificate.crt
      SSLCertificateKeyFile /opt/seafile/certificate/private.key
      SSLCACertificateFile /opt/seafile/certificate/ca_bundle.crt
    
      Alias /media  /opt/seafile/seafile-server-latest/seahub/media
    
      <Location /media>
        Require all granted
      </Location>
    
      RewriteEngine On
    
      #
      # seafile fileserver
      #
      ProxyPass /seafhttp http://127.0.0.1:8082
      ProxyPassReverse /seafhttp http://127.0.0.1:8082
      RewriteRule ^/seafhttp - [QSA,L]
    
      #
      # seahub
      #
      SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
      ProxyPreserveHost On
      ProxyPass / http://127.0.0.1:8000/
      ProxyPassReverse / http://127.0.0.1:8000/
    
  • changed these two URLs in the admin web UI:
    SERVICE_URL = https : // myserver . mydomain . com:8001
    FILE_SERVER_ROOT = https : // myserver . mydomain . com:8082

When trying to access myserver . mydomain . com:8001 I get the following error:

Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator at [no address given] to inform them of the time this error occurred, and the actions you performed just before this error.

More information about this error may be available in the server error log.

In /var/log/apache2/error.log the following two lines are being written every time I try to access myserver . mydomain . com:8001:

[Tue Jun 25 19:44:53.371845 2019] [proxy:warn] [pid 8162:tid 139966441043712] [client 95.33.38.152:64301] AH01144: No protocol handler was valid for the URL / (scheme ‘http’). If you are using a DSO version of mod_proxy, make sure the proxy submodules are included in the configuration using LoadModule.
[Tue Jun 25 19:44:53.700922 2019] [proxy:warn] [pid 8161:tid 139966441043712] [client 95.33.38.152:64302] AH01144: No protocol handler was valid for the URL /favicon.ico (scheme ‘http’). If you are using a DSO version of mod_proxy, make sure the proxy submodules are included in the configuration using LoadModule., referer: https : // myserver . mydomain . com:8001/

I also tried the suggestion from here:
https : // forum . seafile . com/t/help-with-apache-https-configuration/535
So I replaced the seahub section with this:

RewriteRule ^/(media.*)$ /$1 [QSA,L,PT]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^/(seafile/.*)$ /seahub.fcgi/$1 [QSA,L,E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

Afterwards I was able to browse the files, but that’s not what I want. I would like to use a secure connection to the regular seafile interface.

All of this indicates me that the port forwarding works correctly, but somehow the connection to seafile apparently does not work. Unfortunately I am not very experienced with seafile nor with apache, so I have no idea where to find more details about this error. Any idea what I could be doing wrong? Any help is appreciated!

Thank you very much in advance!
Adrian

The only difference I see to my apache configuration is in the ccnet.conf. I have:
SERVICE_URL = https://www.xxx.net:8001
FILE_SERVER_ROOT = https://www.xxx.net:8001/seafhttp

Means the file-server-root looks different to yours.

Thank you very much for the reply! I found the problem and it’s really stupid. I was missing slashes at the end of the ProxyPass of the seafile server.
So this:
#
# seafile fileserver
#
ProxyPass /seafhttp http://127.0.0.1:8082
ProxyPassReverse /seafhttp http://127.0.0.1:8082
RewriteRule ^/seafhttp - [QSA,L]

Should look like this:
#
# seafile fileserver
#
ProxyPass /seafhttp http://127.0.0.1:8082/
ProxyPassReverse /seafhttp http://127.0.0.1:8082/
RewriteRule ^/seafhttp - [QSA,L]

I found the solution here:
https : // serverfault . com / questions / 773449 / no-protocol-handler-valid-for-the-url-with-httpd-mod-proxy-balancer

1 Like