Hi,
I like to serve an svn via apache and like to secure this with ssl so
that write-access to svn is only possible via an ssl-secured connection
and read-only access via a normal http connection too.
Is this possible?
I've seen a few examples on the internet where this has been made by
adding SSLRequireSSL within LimitExcept.
I added the following to my svn-config
<Location /svn>
DAV svn
SVNPath /svn/svnpath
AuthType Basic
AuthName "Subversion Repository"
AuthUserFile authfile
<LimitExcept GET PROPFIND OPTIONS REPORT>
Require valid-user
SSLRequireSSL
</LimitExcept>
</Location>
When I access the svn with my browser via https it works, but when I
access it via http it does not work an I get the following error in my log:
/var/log/apache2/error.log:
[Fri Feb 19 13:53:09 2010] [error] [client 127.0.0.1] access to
/var/www/svn failed, reason: SSL connection required
/var/log/apache2/access.log:
127.0.0.1 - - [19/Feb/2010:13:53:09 +0100] "GET /svn/ HTTP/1.0" 403 183
"-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9.1.8)
Gecko/20100202 Firefox/3.5.8 (.NET CLR 3.5.30729)"
Should this work or is it just not possible to use SSLRequireSSL within
LimitExcept?
If it's not possible, is there another option to do such a setup?
Greetings!
Tobias
