On Thu, 27 Feb 2003 [EMAIL PROTECTED] wrote: > > From: Nick Tonkin [mailto:[EMAIL PROTECTED] > > > > I am using Apache/2.0.44 (Unix) mod_perl/1.99_09-dev Perl/v5.8.0 > > mod_ssl/2.0.44 OpenSSL/0.9.7 > > > > I have a virtual host which mostly is served without SSL. But > > it has one > > area, /secure, that needs to be secured with SSL. I've tried various > > combinations of directives but can't get it to work. Right now I have:
[ snip ] > I'm assuming that you are only interested in securing access, not in using > client certificates. Would that be correct? Yes. No authentication needed. Just want to make an SSL connection. > In that case this will suffice: > > <VirtualHost 123.456.789.123:8080> > SSLEngine on > SSLProtocol all > SSLCipherSuite HIGH:MEDIUM > SSLCertificateFile /home/debug/www/_conf/certs/ladyraquel.crt > SSLCertificateKeyFile /home/debug/www/_conf/certs/ladyraquel.key > <Directory /home/debug/www/ladyraquel/secure> > SSLRequireSSL > </Directory> > </VirtualHost> > > See the SSLRequireSSL directive for more details. This didn't work, I am afraid: [EMAIL PROTECTED] ~>lwp-request -sSd http://www.ladyraquel.com:8080/weather GET http://www.ladyraquel.com:8080/weather --> 301 Moved Permanently GET https://ladyraquel.com:8080/weather/ --> 501 Protocol scheme 'https' is not supported ## it's rewriting the http scheme ... ## https not supported for resource outside the named dir seems sort of OK [EMAIL PROTECTED] ~>lwp-request -sSd http://www.ladyraquel.com:8080/weather/ GET http://www.ladyraquel.com:8080/weather/ --> 200 OK ## working fine [EMAIL PROTECTED] ~>lwp-request -sSd http://www.ladyraquel.com:8080/secure/ GET http://www.ladyraquel.com:8080/secure/ --> 403 Forbidden ## sort of what i expected with scheme of http:// [EMAIL PROTECTED] ~>lwp-request -sSed https://www.ladyraquel.com:8080/secure/ GET https://www.ladyraquel.com:8080/secure/ --> 501 Protocol scheme 'https' is not supported ## huh?! Any more advice gratefully accepted :) - nick -- ~~~~~~~~~~~~~~~~~~~~ Nick Tonkin {|8^)> ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
