Steve -

I am a bit stumped at how best to handle SSL connections with Apache in front at the moment.

Can you tell us if 4D or Apache is actually doing the encryption ? It looks like Apache from your rewrite code. Do you have the 'real' certificate files configured in Apache ?

The problem I would have with this configuration is that if Active4D is being passed SSL requests on a port other than 443, it thinks they're not secure and the logic which tests for the secure port breaks.

I am seem able to get secure requests served just using the code in the Active4D Wiki, but "get request value(string(A4D Request Host Port))" returns 8080 instead of 443 so I assume Apache is rewriting everything to 4D's non-secure port at the moment.

Peter

On 28 Jan 2008, at 13:49, Steve Alex wrote:


On Jan 28, 2008, at 5:23 AM, Peter Jakobsson wrote:

I was wondering how SSL requests are handled in the situation where Apache is in front of 4D.

I have it (apparently) working using the configurations in the Wiki, however I can't understand how the response can be encrypted when:

- all dynamic requests are arriving at 4D on port 8080 and not 443 (including I suppose secure ones)
 - Apache doesn't know where the key files are

Do I have to specifically handle secure requests in the apache rewrite rules or somehow let Apache know where the key files are located ? i.e. does 4D still handle the encryption or does Apache ?

Don't know if this is the right way, but we set up virtual hosts in the ssl.conf that listens on port 443

        <VirtualHost *:443>
                SSLEngine on
                ServerName jobs2.aidt.edu
                ServerAdmin [EMAIL PROTECTED]
                        ErrorLog logs/jobs2.aidt.edu-error_log
                        CustomLog logs/jobs2.aidt.edu-access_log common
                SSLCertificateFile ...
                SSLCertificateKeyFile ...
                SSLCertificateChainFile ...
                ProxyPass / http://jobs2.aidt.edu:8010/
                ProxyPassReverse / http://jobs2.aidt.edu:8010/
        </VirtualHost>


In  virtual hosts, all port 80 traffic is rewritten to https.

Steve Alex
_______________________________________________
Active4D-dev mailing list
[email protected]
http://mailman.aparajitaworld.com/mailman/listinfo/active4d-dev
Archives: http://mailman.aparajitaworld.com/archive/active4d-dev/



_______________________________________________
Active4D-dev mailing list
[email protected]
http://mailman.aparajitaworld.com/mailman/listinfo/active4d-dev
Archives: http://mailman.aparajitaworld.com/archive/active4d-dev/

Reply via email to