Re: SSLRequireSSL

Cliff Woolley Fri, 6 Aug 1999 08:18:22 -0700

I've looked at the httpd.conf you sent me... it's fairly stock.  With a
handful of virtual hosts added.  I *think* the problem is that the block
of code you added (the <Directory> part as quoted in your original email
to the list) should be enclosed within your _default_:443 SSL-enabled
virtual host.  As it stands now, the block is in the main server
context, for which SSL is not enabled.  Also, in this case you would use
<Location> and not <Directory> since you're referring to a URL not a
filesystem path.

So it would look something like:

<VirtualHost _default_:443>
  SSLEngine on
  SSLCertificateFile /usr/local/apache/conf/ssl.crt/server.crt
  SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/server.key
  SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
  CustomLog /usr/local/apache/logs/ssl_request_log \
            "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

  Alias /sslonly/  /usr/local/apache/sslonly
  <Location /sslonly>
      AllowOverride None
      Options None
      SSLRequireSSL
  </Location>

</VirtualHost>

Give this a try... hope this helps.
-Cliff



Cliff Woolley
Central Systems Software Administrator
Washington and Lee University
http://www.wlu.edu/~jwoolley/

Work: (540) 463-8089
Pager: (540) 462-3472

>>> "Ovidiu Asiminei" <[EMAIL PROTECTED]> 08/06/99 01:56PM >>>
Thanks for help .
attach the copy http.conf
If you have a time to loock , mybe you find the mistake in short time.

-----Original Message-----
From: Cliff Woolley <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>;
[EMAIL PROTECTED] 
<[EMAIL PROTECTED]>
Date: Thursday, August 05, 1999 12:30 AM
Subject: Re: SSLRequireSSL

>There's a bunch of other mod_ssl configuration directives that you
>haven't listed here... did you just omit them from your post or are
they
>really not in your config file?  For example, you'll need to set
>SSLEngine on, you'll need to set it to listen to port 443, and about
a
>dozen other things.  If this is the case, please go back and reread
the
>user manual at http://www.modssl.org/docs/2.3/.  Otherwise, I'd need
to
>see a more complete copy of your config file to know what's going on.

>>>> "Ovidiu Asiminei" <[EMAIL PROTECTED]> 08/05/99 03:06PM >>>

>I put this in httpd.conf

><Directory "/usr/local/apache/htdocs/secure">
>      AllowOverride None
>      Options None
>      Order allow, deny
>      Allow from all
>      SSLRequireSSL
></Directory>
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      [EMAIL PROTECTED]
Automated List Manager                            [EMAIL PROTECTED]
Re: SSLRequireSSL

Reply via email to
