This should be simple

Tony Nelson Sun, 12 Aug 2001 14:01:24 -0700
I've been through the documentation and FAQ several times.. and I'm very 
close to having my server setup the way I want, but not quite.. and it 
should be pretty simple.

I have a simple apache server w/ a subdirectory that I want to ensure is 
only accessed via SSL.

if a user attempts to access

http://foo/bar

I'd like them automagically redirected to

https://foo/bar

Subsequent to the redirection, I need the users to be authenticated.. 
simple basic authentication is fine..

I've been through every combination I can think of, between doing it all in 
httpd.conf, or part in httpd.conf and part in .htaccess or all of it in 
.htaccess.   I've gone from every result from no access to anything, to 
full access to everything, and just about everything in between.

Here is my current httpd.conf particulars..

<Directory "/usr/local/apache/htdocs/acid">
     AllowOverride All

     #   If HTTPS is used, make sure a strong cipher is used.
     #   Additionally allow client certs as alternative to basic auth.
     # SSLVerifyClient      optional
     # SSLVerifyDepth       1
     # SSLOptions           +FakeBasicAuth +StrictRequire
     # SSLRequire           %{SSL_CIPHER_USEKEYSIZE} >= 128

     #   Force clients from the Internet to use HTTPS
     RewriteEngine        on
     RewriteCond          %{HTTPS} !=on
     RewriteRule          .* - [F]
     # RewriteRule          (.*) https://itwatch.starpoint.com/acid [R]

     #   Allow Network Access and/or Basic Auth
     # Satisfy              any

     #   Network Access Control
     # Order                deny,allow
     # Deny                 from all
     # Allow               192.168.1.0/24
     #   HTTP Basic Authentication
     AuthType             basic
     AuthName             "Starpoint ACID"
     AuthUserFile         /usr/local/apache/etc/users
     Require              valid-user

</Directory>


I'm not sure what the SSL* options are used for, but any time I uncomment 
any of them my server won't start, complaining as follows:

[root@itwatch conf]# ../bin/apachectl 
configtest
Syntax error on line 364 of /usr/local/apache/conf/httpd.conf:
Invalid command 'SSLVerifyClient', perhaps mis-spelled or defined by a 
module not included in the server configuration

Thanks in advance for any help

Tony Nelson
Starpoint Solutions

______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      [EMAIL PROTECTED]
Automated List Manager                            [EMAIL PROTECTED]
This should be simple

Reply via email to
