<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri",sans-serif;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="#0563C1" vlink="#954F72">
<div class="WordSection1">
<p class="MsoNormal">Hi all,<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">I’ve been working on implementing ArchivesSpace at our institution and am currently in the process of securing the application. I’ve set it up according to the documentation found in the
<a href="https://github.com/archivesspace/archivesspace/blob/master/README_HTTPS.md">
README_HTTPS file</a> and things have gone mostly well. The site is secured, besides the fact that when requesting items within a listing. When the request email is sent out, originally the URL it included cited “localhost” which wouldn’t lead anywhere. This
was half-solved by changing the URL in ArchivesSpace’s config.rb to match the server URL, but the only problem is this is sending an HTTP instead of HTTPS, so when someone would try to follow the emailed link they end up on port 80 instead of 443. I attempted
to modify the views files that determine the content of the emails, which either provided no change or just broke the email request system. I have also tried using apache’s rewrite module to direct all HTTP requests to HTTPS, but it seems that ArchivesSpace
intercepts the request and the connection ends up not being secured.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Does anyone have a suggestion on how to ensure the links in request emails are not only correct, but lead to a secured URL? Any help would be greatly appreciated.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">-Alan Huebschen<o:p></o:p></p>
<p class="MsoNormal">Brookens Library<o:p></o:p></p>
<p class="MsoNormal">Information Systems<o:p></o:p></p>
<p class="MsoNormal">(217) 206-7115<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</body>
</html>