Yes. It was really quite simple. The problem was never Apache, the SSL configuration was always correct. The problem was that there is no clear documentation (at least to me) on how the different parts/pieces of iFolder and Simias work together. I wanted to do a BOTH install just so I could experiment with SSL, so I kept on doing that, but here is the key, at this point in ifolder-web-setup:
--- ----- REQUIRE SSL ----- Require a secure connection between the browsers and the iFolder Web Access application Require SSL? [Y]: N ----- REQUIRE SERVER SSL ----- Require a secure connection between the iFolder Server and the iFolder Web Access application Require Server SSL? [Y]: -- and in ifolder-admin-setup: ----- REQUIRE SSL ----- Require a secure connection between the browsers and the iFolder Web Admin application Require SSL? [Y]: N ----- REQUIRE SERVER SSL ----- Require a secure connection between the iFolder Server and the iFolder Web Admin application Require Server SSL? [Y]: --- I was saying NO to both of those. That will NOT WORK for a BOTH install. If you want to do a BOTH install, you MUST Require Server SSL on the second question for the connection between the iFolder server and the application. Otherwise, it never imports the cert and can never contact Simias. That was the thing that was tripping me up the ENTIRE time. That simple yes/no question. Had I realized that, I would not have had any issues at all on OpenSUSE 11.1 and SUSE 11 (granted, I should have tried a NONSSL install from the get go). I will say this, I really like the new Windows client. Nice job there! And the system is fast! I was very impressed. Now, if the Mac client could be improved to be like the Windows one :) But overall, I think iFolder 3.8 feels like the most solid build since the iFolder 2.x days. My faith is restored! Matt On Dec 3, 2009, at 1:44 AM, Ravi Kumar wrote: > So you got the SSL configured ? Cool ! Lemme look at 11.2 when I get time. > > ravi > > >>> "Matt Weisberg" <m...@weisberg.net> 12/03/09 3:57 AM >>> > > I re-ran the install on my SLES11 box and I got SSL working. I did an SSL > only config. This time, during the ifolder-web-setup and ifolder-admin-setup > routines, it imported the certificate. So before running those commands, > Apache must be setup and RUNNNING with SSL configured properly (which I think > the docs actually state). I also believe the subject name in the certificate > MUST match. I think this may have been my whole problem. I was never getting > the prompt to import the certificate before because I was doing a BOTH config > and not giving it HTTPS links, so the cert. never got imported. > > That doc on Apache SSL says to just copy the vhost-ssl.template file to > vhost-ssl.conf. But I actually put the ServerName directive in this time with > the matching name from the cert and voila, everything seems to work now. I'm > wondering if the installer would see a non-matching name and not like the > cert. as well. > > In any event, it seems to work just fine now with SSL. > > Matt > > > > > -- > > ----- > Matt Weisberg > Weisberg Consulting, Inc. > m...@weisberg.net > www.weisberg.net > ofc. 248.685.1970 > cell 248.705.1950 > fax 248.769.5963 > > >>> On 12/2/2009 at 5:14 PM, in message > >>> <4b16a0850200009900012...@ssrights.com>, > "Matt Weisberg" <m...@weisberg.net> wrote: > > > Yes, NON-SSL works fine for me on both OpenSUSE 11.1 and SLES 11. On > > OpenSUSE 11.2 there appears to be a different mono issue. > > > > That document explains how to setup Apache for SSL, and I have no issue > > with > > that, that I've done many times. The problem is that there must be > > something > > more that must be done with iFolder to do SSL that is missing from that > > document. Even following that document, the simias app does not appear to > > work correctly in SSL mode. I tried doing a BOTH configuration and it would > > not work. I suppose I can attempt an SSL only configuration and see what > > happens as well. Maybe I'll try that one next... > > > > Matt > > > > > > _______________________________________________ > ifolder-dev mailing list > ifolder-dev@forge.novell.com > http://forge.novell.com/mailman/listinfo/ifolder-dev -------- Matt Weisberg Weisberg Consulting, Inc. m...@weisberg.net www.weisberg.net ofc. 248.685.1970 cell 248.705.1950 fax 248.769.5963 _______________________________________________ ifolder-dev mailing list ifolder-dev@forge.novell.com http://forge.novell.com/mailman/listinfo/ifolder-dev
