logo

The ConnectWise Control forum has moved to ConnectWise University! This forum has been locked and is in read-only mode. Click here for instructions on how to access the new forum.

Welcome Guest! You can not login or register.

Notification

Icon
Error

Options
Go to last post Go to first unread
CalmComputing  
#1 Posted : Monday, March 9, 2015 7:48:32 PM(UTC)
CalmComputing


Rank: Newbie

Joined: 3/5/2015(UTC)
Posts: 3
United States
Location: Massachusetts

Thanks: 2 times
Hi All,

We set up our ScreenConnect site to be located at: http://subdomain.domain.com which is currently live with ScreenConnect. Our server has multiple SSL certificates for the various 20-30 websites on it including a wildcard certificate that we are going to use for ScreenConnect. We do not use NGIX and instead use Apache2. We also use OpenSSL instead of Mono. I've managed to get the SSL cert working for ScreenConnect but it appears to be the wrong way to do it since it isn't fully recognized. We've been able to set it up so that users are redirected from http to https using the vhosts file but we can't seem to figure out how to finish setting up the ssl (i.e. make the relay display the hostname instead of the server ip address and change the invite email/link use https instead of http).

Right now in the status under external accessibility check is shows:

Web Server Test URL: http://subdomain.domain.com:8040/
Web Server Error:
Relay Test URL: relay://subdomain.domain.com:8041/
Relay Error:

and for the browser url check as:

Browsable: True
Your URL: http://subdomain.domain.com:8040/Administration.aspx?Tab=0 (Even though the actual browser url is: https://subdomain.domain.com/Administration?Tab=0)
Possible URLs: http://subdomain.domain.com:8040/Administration.aspx?Tab=0
http://publicipaddress:8040/Administration.aspx?Tab=0

It's likely an error in our vhosts file or a change we haven't made yet in the web.config file but we've made several changes in both files to see if it makes a difference and it does not fix the issue and usually just gives us a 503 Service Unavailable Error.

Here is what is in our vhosts file:

<VirtualHost *:80>
ServerName subdomain.domain.com
Redirect / https://subdomain.domain.com
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined

</VirtualHost>

<IfModule mod_ssl.c>
<VirtualHost *:443>

ServerName subdomain.domain.com
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined

# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on

SSLCertificateFile /etc/apache2/ssl/domain.com/STAR_domain_com.crt
SSLCertificateKeyFile /etc/apache2/ssl/domain.com/star_domain_com.key

ProxyPreserveHost On
ProxyPass / http://publicipaddress:8040/
ProxyPassReverse / http://publicipaddress:8040/
ProxyPass / http://publicipaddress:8041/
ProxyPassReverse / http://publicipaddress:8041/

</VirtualHost>
</IfModule>

Our web.config file hasn't been changed or had anything for https added so it's:

<add key="WebServerListenUri" value="http://+:8040/">
</add>
<add key="RelayListenUri" value="relay://+:8041/">
</add>

We've tried changing those to all sorts of different things and even tried using
<add key="RelayAddressableUri" value="relay://subdomain.domain.com:8041"> and
<add key="WebServerAddressableUri" value="https://subdomain.domain.com:8040">
with no luck. All the documentation I've found uses Mono or the SSL Configurator which doesn't work for us in this situation.

Any help would be greatly appreciated.

Thanks,
Brian

Alexander  
#2 Posted : Monday, March 23, 2015 3:05:47 PM(UTC)
Alexander


Rank: Administration

Medals: Level 3: Shirt off your back! Received 25 Thanks!

Joined: 7/23/2013(UTC)
Posts: 715
Man
Location: Raleigh, NC

Was thanked: 66 time(s) in 63 post(s)
Well, to start with, wouldn't it be <add key="WebServerAddressableUri" value="https://subdomain.domain.com"> instead of <add key="WebServerAddressableUri" value="https://subdomain.domain.com:8040">?
ScreenConnect Team
CalmComputing  
#3 Posted : Monday, March 23, 2015 11:04:21 PM(UTC)
CalmComputing


Rank: Newbie

Joined: 3/5/2015(UTC)
Posts: 3
United States
Location: Massachusetts

Thanks: 2 times
Thanks Alexander for your reply and help thus far. I've added the suggested code to the web.config.

So my current web.config settings are:

<add key="WebServerAddressableUri" value="https://subdomain.domain.com"></add>
<add key="WebServerListenUri" value="http://+:8040"></add>
<add key="RelayListenUri" value="relay://+:8041"></add>

In the web administration backend under browser url check:

Browsable: True

Your URL: http://subdomain.domain.com:8040/Administration.aspx

Possible URLs:
http://subdomain.domain.com:8040/Administration.aspx
http://[server_ip_address]:8040/Administration.aspx

However the actual url in the browser is:
https://subdomain.domain.com/Administration

Any additional thoughts?

Thanks,
Brian
Alexander  
#4 Posted : Tuesday, March 24, 2015 5:26:42 PM(UTC)
Alexander


Rank: Administration

Medals: Level 3: Shirt off your back! Received 25 Thanks!

Joined: 7/23/2013(UTC)
Posts: 715
Man
Location: Raleigh, NC

Was thanked: 66 time(s) in 63 post(s)
That check has never been 100% accurate; getting urls to the current page can be tricky. And in this case, there's no way for ScreenConnect to tell that you're actually using the https url in your browser because of the reverse proxy.
ScreenConnect Team
Users browsing this topic
Forum Jump  
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.