httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dimitri Yioulos <dyiou...@firstbhph.com>
Subject Re: [users@httpd] SSL and directories
Date Fri, 07 Oct 2005 13:48:09 GMT
Thanks! You made it very easy to understand.  I'm most grateful.

I installed mod_ssl (had to, of course), and the SSLEngine, 
SSLCertificateFile ..., and SSLCertificateKeyFile ... directives are in 
ssl.conf.  If I put the same info in the httpd.conf https virtual host 
section, won't it bump into the stuff in ssl.conf, causing httpd to complain 
and fail?  If that's the case, and I think it is based on preevious tries, 
what would the https virtual host section then have to look like?

Dimitri


On Friday October 07 2005 9:02 am, Axel-St├ęphane  SMORGRAV wrote:
> Sounds like you have a redirect loop.
>
> What I would do is define one virtual host for http and one for https. The
> redirect rule would go inside the http virtual host, and the "business
> logic" would go inside the https VH.
>
> DocumentRoot /var/www/html
> ErrorLog logs/error.log
> CustomLog logs/access.log combined env=!dontlog
> SSLCaCertificatePath ...
> SSLRandomSeed startup builtin
> SSLRandomSeed connect builtin
>
> Listen 192.168.1.10:80
> Listen 192.168.1.10:443
>
> # Make sure that the contents of this directory can only be read over SSL
> <Directory /var/www/html/program>
> 	SSLRequireSSL
> </Directory>
>
> <VirtualHost 192.168.1.10:80>
> 	ServerName mailserver
> 	...
> 	Redirect /program https://mailserver/program
> </VirtualHost>
>
> <VirtualHost 192.168.1.10:443>
> 	ServerName mailserver
>
> 	SSLEngine On
>
> 	SSLCertificateFile ...
> 	SSLCertificateKeyFile ...
>
> 	# Business logic
>
> </VirtualHost>
>
> BR
> -ascs
>
> -----Original Message-----
> From: Dimitri Yioulos [mailto:dyioulos@firstbhph.com]
> Sent: Friday, October 07, 2005 2:22 PM
> To: users@httpd.apache.org
> Subject: Re: [users@httpd] SSL and directories
>
> Thanks so much for the reply.  I guess I didn't understand the
> SSLRequireSSL directive; it's an enforcement directive then.  I mistook it
> for a redirector (don't ask how I arrived at that conclusion :-(doh)  ).
>
> May I press on?  As I previously mentioned, I installed a web mail program
> on my mail server, and through its conf file, ahve it SSL-enabled.  Users
> reach that program by being redirected by our web server (using the
> directive "redirect /webmailprog
> https://mailserver.mydomain.com/webmailprog", and it works great.  Now,
> however, if I add a similar redirector on the mail server to try and see
> that http://mailserver/program goes to
> https://mailserver/program, I get a complaint that there are too many
> redirectors for this http server.  Point of story - how can I make sure
> that http:// goes to https://?
>
> For that matter, how can I set up so that any particular directory is
> SSL-enabled and http:// is redirected to https://?
>
> I appreciate your help.
>
> Dimitri
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message