On Wed, 20 Aug 2003, Henrik Bentel wrote:
> Now, all my ssl configuration is under my secure virtual host, such that it > applies to everything. However, I have quite a bit static content(images, > css, javascript.,...) which doesn't need to be very secure. I somewhat only > want to secure my dynamic content.
If I understand your question correctly, what you're wanting is to have some web page that's served up with https, but to have the images on that page be served by regular http. You could do that, but every browser I know of will throw a security warning in that case. You can't mix secure and non-secure content in the same document.
Does that answer your question?
Hi
not quite.
I still want everything under https, but I was wondering if there is a way to speed up processing per directory directive but still use https, such as my image -directory.
Currently I have everything for ssl configured in the virtual host and server config. SSL configuration included below.
Certificate is self signed from 1024 bit RSA key.
Listen 443 AddType application/x-x509-ca-cert .crt AddType application/x-pkcs7-crl .crl SSLPassPhraseDialog builtin SSLSessionCache dbm:/var/opt/apache/run/ssl_scache SSLSessionCacheTimeout 300 SSLMutex sem #SSLMutex file:/var/opt/apache/run/ssl_mutex SSLRandomSeed startup builtin SSLRandomSeed connect builtin ErrorLog /var/log/httpd/secure_error_log CustomLog /var/log/httpd/secure_access_log common LogLevel warn
<VirtualHost 192.168.1.1:443> ServerName 192.168.1.1 DocumentRoot "/opt/mydocRoot" ErrorLog /var/log/httpd/secure_error_log TransferLog /var/log/httpd/secure_access_log LogLevel warn
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXP56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /opt/app/conf/mycert.crt
SSLCertificateKeyFile /opt/app/conf/mycert.key
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
#CustomLog /var/log/httpd/ssl_request_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
-Henrik Bentel
--Cliff ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]