httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Robert Andersson" <rob...@profundis.nu>
Subject Re: Problem between http and https
Date Wed, 31 Jul 2002 07:17:23 GMT
EdwardSPL@ita.org.mo wrote:

> # SSL port
> <VirtualHost 192.168.200.1:443>
> <IfDefine SSL>
> RewriteEngine on
> RewriteLog /www/var/log/https_rewrite_log
> RewriteLogLevel 1
> RewriteCond %{443}      !^443$
> RewriteRule ^/(.*)              https://%{webmail.mydomain.com}/$1 [L,R]
> RewriteEngine on
> RewriteOptions inherit
> DocumentRoot "/usr/local/apache/htdocs"
> ServerName webmail.mydomain.com
> ServerAdmin root@mydomain.com
> ErrorLog /usr/local/apache/logs/error_log
> TransferLog /usr/local/apache/logs/access_log
> SSLEngine on
> SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
> SSLCertificateFile /usr/local/apache/conf/ssl.crt/server.crt
> SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/server.key
> <Files ~ "\.(cgi|shtml|phtml|php3?)$">
>     SSLOptions +StdEnvVars
> </Files>
> <Directory "/usr/local/apache/cgi-bin">
>     SSLOptions +StdEnvVars
> </Directory>
> SetEnvIf User-Agent ".*MSIE.*" \
>          nokeepalive ssl-unclean-shutdown \
>          downgrade-1.0 force-response-1.0
> CustomLog /usr/local/apache/logs/ssl_request_log \
>           "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
> </IfDefine>
> </VirtualHost>
> [...]
> So, the setting of ssl part is right ?

Well, does it work if you type in https://webmail.mydomain.com/? If not, I'm
sorry to say, I'm not the one to ask.

> # non-ssl port
>
> <VirtualHost 192.168.200.1:80>
> DocumentRoot "/usr/local/apache/htdocs"
> ServerName www.mydomain.com
> ServerAdmin root@mydomain.com
> ErrorLog /usr/local/apache/logs/error_log
> TransferLog /usr/local/apache/logs/access_log

Redirect / https://webmail.mydomain.com/

> </VirtualHost>

That Redirect directive should do the trick, or am I missing something?

Btw, using SSL for web mail isn't really that necessary. You should use SSL
when it's important when no one must wire-tap the connection. When it comes
to email, the whole transaction procedure (from sender to his/her receiver
SMTP to the recipient's SMTP, ie you?) is unsecure, so doesn't relly do any
good to encrypt such a service. But I could be wrong.

Another BTW, am I wrong in suggesting using Redirect, when many others seem
to suggest unsing rewrite rules, something I'm overlooking?

Regards,
Robert Andersson


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message