There are 2 sonar instances (TEST, PROD) but isolated in different VLANs. They don’t see each other.
Looks like the browser doesn’t affect to this problem (chrome, IE, edge … incognito)
I cannot reproduce it when accessing directly to sonar server (http://host:9000). But the problem is happening often if accessing through apache (https://easy-url/). This sounds like the apache layer need some fine tweak …
I know that this is out of sonar scope but i think that it will be useful for the community to have a “canonical” apache configuration.
We’re running sonar in a RHEL7 with a pretty standard SSL-offload / reverse proxy. Maybe we should set some apache timeout to match sonar session timeout?
Listen 443 https
SSLPassPhraseDialog exec:/usr/libexec/httpd-ssl-pass-dialog
SSLSessionCache shmcb:/run/httpd/sslcache(512000)
SSLSessionCacheTimeout 300SSLRandomSeed startup file:/dev/urandom 256
ProxyRequests Off ProxyPreserveHost On
SSLRandomSeed connect builtin
SSLCryptoDevice builtinRequestHeader set X-Forwarded-Proto https
ServerName sonar-test.mycompany.com
ServerAdmin me@mycompany.com
ProxyPass / http://localhost:9000/
ProxyPassReverse / https://sonar-test.mycompany.com/
ErrorLog logs/sonar_error.log
CustomLog logs/sonar_access.log commonTransferLog logs/ssl_access_log
LogLevel warnSSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite HIGH:3DES:!aNULL:!MD5:!SEED:!IDEA
SSLCertificateFile /etc/pki/tls/certs/sonar-test.pem
SSLCertificateKeyFile /etc/pki/tls/private/sonar-test.key<Files ~ “.(cgi|shtml|phtml|php3?)$”>
SSLOptions +StdEnvVars
<Directory “/var/www/cgi-bin”>
SSLOptions +StdEnvVars
BrowserMatch “MSIE [2-5]”
nokeepalive ssl-unclean-shutdown
downgrade-1.0 force-response-1.0CustomLog logs/ssl_request_log
“%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x "%r" %b”
Thank you.