On 31.01.2013, at 12:43, hemathor wrote: > hey, > > i have ssl activated. > looking at the httpd logfile, there are always two propfind requests: > > 127.0.0.1 - - [31/Jan/2013:12:39:34 +0100] "PROPFIND > /owncloud/remote.php/webdav/clientsync HTTP/1.1" 401 291 > 127.0.0.1 - hemathor [31/Jan/2013:12:39:34 +0100] "PROPFIND > /owncloud/remote.php/webdav/clientsync HTTP/1.1" 207 630 > > why does the client issue an unencrypted request although ssl is activated?
Where do you see an unencrypted request here? I just see one unauthenticated and one authenticated here. The log tells nothing about the encryption status. SSL is transport layer security, i.e. in encrypts the data stream, regardless on higher level protocols' authentication scheme. It doesn't know nor care. HTTP auth is then applied on top (i.e. inside the encrypted data stream), and the way it works is to issue a request, and wait for the server to ask for authentication (which it does, 401). The client will then follow up with an attempt to present its credentials, which succeeds (207, webdav multi status). Cheers, Daniel -- www.owncloud.com - Your Data, Your Cloud, Your Way! ownCloud GmbH, GF: Markus Rex, Holger Dyroff Schloßäckerstrasse 26a, 90443 Nürnberg, HRB 28050 (AG Nürnberg)
PGP.sig
Description: This is a digitally signed message part
_______________________________________________ Owncloud mailing list Owncloud@kde.org https://mail.kde.org/mailman/listinfo/owncloud
