Re: [Active4d-dev] Apache SSL

Tue, 29 Jan 2008 13:38:28 -0800 

Steve -
I am a bit stumped at how best to handle SSL connections with Apache in front at the moment. 


Can you tell us if 4D or Apache is actually doing the encryption ? It  
looks like Apache from your rewrite code. Do you have the 'real'  
certificate files  configured in Apache ?



The problem I would have with this configuration is that if Active4D  
is being passed SSL requests on a port other than 443, it thinks  
they're not secure and the logic which tests for the secure port breaks.



I am seem able to get secure requests served just using the code in  
the Active4D Wiki, but "get request value(string(A4D Request Host  
Port))" returns 8080 instead of 443 so I assume Apache is rewriting  
everything to 4D's non-secure port at the moment.


Peter

On 28 Jan 2008, at 13:49, Steve Alex wrote:



On Jan 28, 2008, at 5:23 AM, Peter Jakobsson wrote:


I was wondering how SSL requests are handled in the situation  
where Apache is in front of 4D.



I have it (apparently) working using the configurations in the  
Wiki, however I can't understand how the response can be encrypted  
when:



 - all dynamic requests are arriving at 4D on port 8080 and not  
443 (including I suppose secure ones)

 - Apache doesn't know where the key files are


Do I have to specifically handle secure requests in the apache  
rewrite rules or somehow let Apache know where the key files are  
located ? i.e. does 4D still handle the encryption or does Apache ?



Don't know if this is the right way, but we set up virtual hosts in  
the ssl.conf that listens on port 443


        <VirtualHost *:443>
                SSLEngine on
                ServerName jobs2.aidt.edu
                ServerAdmin [EMAIL PROTECTED]
                        ErrorLog logs/jobs2.aidt.edu-error_log
                        CustomLog logs/jobs2.aidt.edu-access_log common
                SSLCertificateFile ...
                SSLCertificateKeyFile ...
                SSLCertificateChainFile ...
                ProxyPass / http://jobs2.aidt.edu:8010/
                ProxyPassReverse / http://jobs2.aidt.edu:8010/
        </VirtualHost>


In  virtual hosts, all port 80 traffic is rewritten to https.

Steve Alex
_______________________________________________
Active4D-dev mailing list
[email protected]
http://mailman.aparajitaworld.com/mailman/listinfo/active4d-dev
Archives: http://mailman.aparajitaworld.com/archive/active4d-dev/




_______________________________________________
Active4D-dev mailing list
[email protected]
http://mailman.aparajitaworld.com/mailman/listinfo/active4d-dev
Archives: http://mailman.aparajitaworld.com/archive/active4d-dev/

























					Reply via email to