Hello,
I have problem with environment variables and directive SSLRequireSSL.
SSL works, but I cannot test this in php script(_SERVER['HTTPS']) and
SSLRequireSSL directive denies my access to directory, which is accessed
via SSL.
Thank you for any idea.
Ondrej Kraus
related informations:
software versions:
Debian testing dist.
Apache 1.3.6
mod_ssl 2.8.9
OpenSSL 0.9.6g
fragment of httpd.conf:
Listen 80
LoadModule ssl_module /usr/lib/apache/1.3/mod_ssl.so
Port 80
<IfModule mod_ssl.c>
Listen xx.xx.xx.xx:443
</IfModule>
NameVirtualHost *:80
<IfModule mod_ssl.c>
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLPassPhraseDialog builtin
SSLSessionCache dbm:/var/run/ssl_scache
SSLSessionCacheTimeout 300
SSLMutex file:/var/run/ssl_mutex
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
<VirtualHost xx.xx.xx.xx:443>
ServerName server_name
# this php application could not find HTTPS environment variable
# actual dirty workaround: SetEnv HTTPS on
DocumentRoot /home/app
SSLEngine on
SSLOptions +StdEnvVars
SSLCertificateFile ...
SSLCACertificateFile ...
SSLCertificateKeyFile ...
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
Alias /mydir /home/mydir
</VirtualHost>
<Directory /home/mydir>
# no access, but if I comment it out, it works as expected (with SSL)
SSLRequireSSL
</Directory>
</IfModule>
# redirect works
<VirtualHost *>
ServerName server_name
Redirect permanent / https://server_name/mydir/
</VirtualHost>
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
