httpd-users mailing list archives

From Carlos Williams <>
Subject [users@httpd] How To Secure My Site?
Date Tue, 19 May 2009 23:14:21 GMT

I need help and I am not an Apache / SSL expert, so please excuse my
ignorance but can someone please tell me if this is possible w/o some
crazy configuration?
My domain '' has an SSL (Verisign) certificate. I have it
installed on my web server running Apache. The config looks as

What I have is an internal & external directory under the document
root (/var/www/html)

When you browse to, the virtual host for Apache is
read and points to /var/www/html/int/main. This works great and my
certificate is read perfectly.

Now my challenge is I have a webmail utility (Squirrelmail) that lives
in /var/www/html/ext/main/webmail/. Currently I can access my webmail
via Apache by browsing to however the site
is not secure. I would like to know if I can use the certificate that
is used when accessing the /var/www/html/int/main as well as for

<VirtualHost *:443>
        DocumentRoot /var/www/html/int/main
        ErrorLog /var/log/httpd/
        TransferLog /var/log/httpd/
        #   SSL Engine Switch:
        #   Enable/Disable SSL for this virtual host.
        SSLEngine on
        SSLCertificateFile /etc/httpd/conf/ssl/www.crt
        SSLCertificateKeyFile /etc/httpd/conf/ssl/www.key
#       SSLCACertificateFile /etc/httpd/conf/

        <Files ~ "\.(cgi|shtml|phtml|php3?)$">
            SSLOptions +StdEnvVars
        </Files>

        <Directory "/var/www/html/int/cgi-bin">
            SSLOptions +StdEnvVars
        </Directory>

        #   Basic authentication for the intranet document root
        <Directory "/var/www/html/int/main">
                AuthName "Intranet"
                AuthType Basic
                AuthUserFile /var/www/html/int/secure/passwd
                require valid-user
        </Directory>

        <IfModule mod_alias.c>
                ScriptAlias /cgi-bin/ "/var/www/html/int/cgi-bin/"

                <Directory "/var/www/html/int/cgi-bin">
                        AllowOverride None
                        Options None
                        Order allow,deny
                        Allow from all
                </Directory>
        </IfModule>

        SetEnvIf User-Agent ".*MSIE.*" \
                 nokeepalive ssl-unclean-shutdown \
                 downgrade-1.0 force-response-1.0
        CustomLog logs/ssl_request_log \
                  "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>

I also would like to note that when I currently access, I am prompted to log in with credentials for
"AuthUserFile /var/www/html/int/secure/passwd". I would not like to
use this method of authentication for as
Squirrelmail uses authentication from the IMAP server.

Thanks for any help!

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.