Re: Securing directories
I'd set these up as virtual hosts - the essence of what you want to do here is to make http://www.domain.com/ return different information than https://www.domain.com. Having done that (by following the links in the other reply you got) you then will need to set up what you want to happen on the http side of things - there is no automatic pop-up as you were asking for. What many do is simply configure http to do a redirect to https, like this: Redirect /https://www.domain.com/ or you can just put up a page with a link to https and explanatory text - which is often a good way of doing it so they have something to look at for explanation if their SSL client is not compatible with your site for example. -PeterV. Robert Lagana wrote: Hello, Using mod_ssl .. on Apache .. I would like to secure two directories.. https://www.domain.com/homedir https://www.domain.com/homedir2 Now if user go to http://www.domain.com will users get a pop up saying that SSL is required? Is this just a matter of having Port 80 and Port 443 enabled? Do I set these directories up as virtual hosts? Is there a link someone can provided that explains this? Thanks, Rob __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Make CA for WebServer ( Apache )
It's in the mod ssl INSTALL file... Basically it's an added step when you make apache... --from readme file... $ cd apache_1.3.x ALL $ SSL_BASE=../openssl-0.9.x \ ALL EAPI_MM=../mm-1.1.x \ OPTIONAL ./configure \ALL --enable-module=ssl \ALL --prefix=/path/to/apache \ ALL [--enable-shared=ssl] \ OPTIONAL [--disable-rule=SSL_COMPAT] \OPTIONAL [--enable-rule=SSL_SDBM] \ OPTIONAL [--enable-rule=SSL_EXPERIMENTAL] \ OPTIONAL [--enable-rule=SSL_VENDOR] \ OPTIONAL [...more APACI options...] OPTIONAL $ make ALL $ make certificateOPTIONAL $ make installOPTIONAL $ cd .. Daniel. [EMAIL PROTECTED] wrote: Hello, How to create CA ( invalid: NOT real ) for Web Server ( Apache ) ? Thank for your help ! Edward. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Apache 2 +SSL
Aah, got it. Apache 2 comes with mod_ssl code. For those who might be in my situation, read this doc: http://www.apacheworld.org/ty24/site.chapter17.html Cheers! Kiri At 04:35 11-11-02 +0200, you wrote: I searched through some archives and found out Apache 2 comes with mod_ssl code included, and that to enable SSL/TLS support in Apache 2, one has to compile OpenSSL first, then compile Apache 2 and --with-ssl=/path/to/openssl I did exactly that. Isn't the default configuration file I get supposed to have some SSL directives in there? Am I brain dead? What am I missing? -- Christopher Chaduka Webmaster/Systems Administrator Technical Department M-Web Zimbabwe Tel: +263 4 25 Fax: +263 4 708055 Mobile: +263 11 600994 http://www.mweb.co.zw __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Inability to force https rewrite before password authentication
Hello All, I have a strange problem here and was wondering if anyone had a solution. I'm looking to perform a rewrite to https then require the user submit a username and password. The idea behind this is that the username and password are submitted encrypted rather than in plain text. First off version information Apache Server version: Apache/1.3.26 (Unix) Mod_SSL 2.8.9 (debian 2.8.9-2.1) I looked at Ralf's presentation from apachecon2000 (ref http://www.modssl.org/docs/apachecon2000/slide-021-n.html ) which does have a recipie for what I am looking to accomplish. The only problem I have is it doesn't seem to work for me. The password authentication happens before the url redirection which isn't desireable in this case. My configuration Directory /server-root/subdir Options Indexes FollowSymLinks AllowOverride All RewriteEngineon RewriteCond %{REMOTE_ADDR} !^192\.168\.1\.[0-9]+$ RewriteCond %{HTTPS} !=on RewriteRule ^/(.*) https://%{SERVER_NAME}/subdir/$1 [R,L] SSLOptions +StrictRequire SSLRequire %{SSL_CIPHER_USEKEYSIZE} = 128 Satisfy any Order deny,allow deny from all allow from 192.168.1.0/255.255.255.0 AuthName Restricted Access AuthType Basic AuthUserFile /etc/apache/htpasswd Require valid-user /Directory Any ideas or suggestions on how I would overcome this obstacle, or reverse the order of directive processing so the rewrite happens first? Thanks Chris __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]