Strato and https

Technical assistance
4

Have you changed from HTTP to HTTPS in the admin configuration in the Webinterface?

image
image1356×786 63 KB

For comparison my Nginx zammad.conf . Please be aware that I use Lets-Encrypt but it should be nearly the same except the location of your key.

this is the nginx config for zammad

upstream zammad-railsserver {
server 127.0.0.1:3000;
}

upstream zammad-websocket {
server 127.0.0.1:6042;
}

server {

# replace 'localhost' with your fqdn if you want to use zammad from remote
server_name ticket.domain.de;

# security - prevent information disclosure about server version
server_tokens off;

root /opt/zammad/public;

access_log /var/log/nginx/zammad.access.log;
error_log  /var/log/nginx/zammad.error.log;

client_max_body_size 50M;

location ~ ^/(assets/|robots.txt|humans.txt|favicon.ico) {
    expires max;
}

location /ws {
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "Upgrade";
    proxy_set_header CLIENT_IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_read_timeout 86400;
    proxy_pass http://zammad-websocket;
}

location / {
    proxy_set_header Host $http_host;
    proxy_set_header CLIENT_IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_read_timeout 300;
    proxy_pass http://zammad-railsserver;

    gzip on;
    gzip_types text/plain text/xml text/css image/svg+xml application/javascript application/x-javascript application/json application/xml;
    gzip_proxied any;
}

listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/ticket.domain.de/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/ticket.domain.de/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}

server {
if ($host = ticket.domain.de) {
return 301 https://$host$request_uri;
} # managed by Certbot

listen 80;
server_name ticket.domain.de;
return 404; # managed by Certbot

}