Hello and thanks for looking at this. All was running great in v7.3, but now I am getting the 422 error after upgrade to 8.1, even after having added the X-Forwarded-Proto in my Apache2 configuration. It does not recognize a new admin-admin account, and will not let any of the previous users log in at all. No PM has access to their projects.

it does seem to see the original users I had built in from v7.3, as well as the original admin account I had renamed with a different password. I can tell it sees those because it doesnt give an invalid password error, but instead when it is a valid user from the previous setup, it responds with the error: 422 - “Unable to verify Cross-Site Request Forgery token. Did you try to submit data on multiple browsers or tabs? Please close all tabs and try again.” My URL looks like this: https://www.rightdomain.com/openproject/login

Now, the UCS config is set to force SSL, and we use Lets Encrypt for the domain and subdomain - I tried to just enter the http with the correct URL to try and force it to use just the http: but it just redirects to https. I did add the RequestHeader set “X-Forwarded-Proto” and restarted apache2, but still there. So I am unable to even get in to the administration panel inside of OP to reset it to https from http, if that is what happened. I am loathe to stop forcing SSL in UCS as I also have owncloud and wordpress using it. Do you think it would break anything if I deselected “force SSL” in the Univention Management Console? Is that perhaps what I need to do to login again, and then set the OP administration to https from within the app itself, or can I do that from the CLI or the UMC?

To be clear, I cannot access the Open Project instance through the web interface at all now. There is no option to set the http protocol in Univention for it. Can I change this through the CLI or UMC?