In 3.6.x Mission Portal is configured by default to listen on both secure and unsecure ports. When this policy is activated on the hub all nonsecure traffic will be redirected to https.
bundle agent cfe_internal_mission_portal_ensure_https { meta: "description" string => "Ensure that mission portal is only accessed via a secure connection by redirecting non https traffic to https."; vars: "http_redirect" string => "RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]", comment => "To prevent accidental login over http this automatically redirects all http requests to https"; files: "$(sys.workdir)/share/GUI/Apache-htaccess" edit_line => append_if_no_line($(http_redirect)), comment => "We edit the file in share because cfe_internal_setup_knowledge_files_doc_root_htaccess ensures that the deployed htaccess file is copied from share so if we dont promise the source then we will have continual repairs."; }
Activate the policy using a methods type promise:
bundle agent example { methods: enterprise_edition.policy_server:: "Redirect_Http" usebundle => cfe_internal_mission_portal_ensure_https, comment => "Redirect all http traffic to https for improved security"; }