> -----Original Message-----
> From: Nick Tonkin [mailto:[EMAIL PROTECTED]
> Sent: 27 February 2003 05:50
> To: [EMAIL PROTECTED]
> Subject: securing one area of a vhost in apache 2
>
>
>
> Hello,
>
> I am using Apache/2.0.44 (Unix) mod_perl/1.99_09-dev Perl/v5.8.0
> mod_ssl/2.0.44 OpenSSL/0.9.7
>
> I have a virtual host which mostly is served without SSL. But
> it has one
> area, /secure, that needs to be secured with SSL. I've tried various
> combinations of directives but can't get it to work. Right now I have:
>
> <VirtualHost 123.456.789.123:8080>
> SSLEngine on
> SSLProtocol all
> SSLCipherSuite HIGH:MEDIUM
> SSLCertificateFile /home/debug/www/_conf/certs/ladyraquel.crt
> SSLCertificateKeyFile /home/debug/www/_conf/certs/ladyraquel.key
> SSLCACertificateFile /home/debug/www/_conf/certs/ca.crt
> SSLVerifyClient none
>
> <Directory /home/debug/www/ladyraquel/secure>
> SSLVerifyClient require
> SSLVerifyDepth 1
> </Directory>
> </VirtualHost>
>
> The server starts fine, serves non-SSL pages fine, but hangs when I
> request /secure.
I'm assuming that you are only interested in securing access, not in using
client certificates. Would that be correct?
In that case this will suffice:
<VirtualHost 123.456.789.123:8080>
SSLEngine on
SSLProtocol all
SSLCipherSuite HIGH:MEDIUM
SSLCertificateFile /home/debug/www/_conf/certs/ladyraquel.crt
SSLCertificateKeyFile /home/debug/www/_conf/certs/ladyraquel.key
<Directory /home/debug/www/ladyraquel/secure>
SSLRequireSSL
</Directory>
</VirtualHost>
See the SSLRequireSSL directive for more details.
http://www.modssl.org/docs/2.8/ssl_reference.html#ToC22
-
John Airey, BSc (Jt Hons), CNA, RHCE
Internet systems support officer, ITCSD, Royal National Institute of the
Blind,
Bakewell Road, Peterborough PE2 6XU,
Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 [EMAIL PROTECTED]
A world of difference - in the UK, 37 million people put their faith on the
last census as "Christian". In Saudi Arabia, this answer would carry a death
sentence for any Saudi.
-
NOTICE: The information contained in this email and any attachments is
confidential and may be legally privileged. If you are not the
intended recipient you are hereby notified that you must not use,
disclose, distribute, copy, print or rely on this email's content. If
you are not the intended recipient, please notify the sender
immediately and then delete the email and any attachments from your
system.
RNIB has made strenuous efforts to ensure that emails and any
attachments generated by its staff are free from viruses. However, it
cannot accept any responsibility for any viruses which are
transmitted. We therefore recommend you scan all attachments.
Please note that the statements and views expressed in this email
and any attachments are those of the author and do not necessarily
represent those of RNIB.
RNIB Registered Charity Number: 226227
Website: http://www.rnib.org.uk
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
