Use a nip.io <http://nip.io/> address.
So use:
--server-name A.B.C.D.nip.io
replacing A.B.C.D with your IP address.
Have everyone use:
https://A.B.C.D.nip.io <https://a.b.c.d.nip.io/>
See:
http://nip.io/ <http://nip.io/>
for more information on these magic hostnames.
Hopefully your organisation doesn't block DNS for them, some do.
Graham
> On 12 Apr 2018, at 11:38 am, Marcos Georgopoulos <[email protected]> wrote:
>
> Hi Graham,
>
> Ok I can access both but only through the server name.
>
> We are working on getting CA signed certs and DNS sorted but in the mean time
> I was hoping to access it via IP address over HTTPs. This is an internal site
> on private IP and not accessible from the internet.
>
> Is there a way to temporarily permit this with mod_wsgi?
>
> Many thanks.
>
>
> On Thu, Apr 12, 2018 at 10:26 AM, Graham Dumpleton
> <[email protected] <mailto:[email protected]>> wrote:
> The argument to --server-name should be the same host name you use in the URL
> otherwise it likely will not work. You can't use 'localhost' or any other
> internal name which isn't what is used in the URL.
>
> Also try not supplying:
>
> --https-only
>
> See if normal 'http' URL access works, and then with 'https' URL.
>
> Am wondering whether it is some issues around the redirection from http to
> https.
>
> Graham
>
>> On 12 Apr 2018, at 10:19 am, Marcos Georgopoulos <[email protected]
>> <mailto:[email protected]>> wrote:
>>
>> Sorry I forgot to answer part of your question.
>>
>> No access '/' has the same issue.
>>
>> On Thursday, April 12, 2018 at 10:05:18 AM UTC+10, Graham Dumpleton wrote:
>> Does accessing the root of the site work?
>>
>> Add the option:
>>
>> --access-log
>>
>> and show me the series of requests which are then logged in it.
>>
>> Is there anything in the directory:
>>
>> /etc/mod_wsgi-express-443/htdocs
>>
>> IOW, what do you get when you run:
>>
>> ls -las /etc/mod_wsgi-express-443/htdocs
>>
>> Graham
>>
>>> On 12 Apr 2018, at 9:01 am, Marcos Georgopoulos <m...@ <>marcosg.com
>>> <http://marcosg.com/>> wrote:
>>>
>>> Hi,
>>>
>>> I am trying to get my web application working over https. I am using
>>> Centos7. I have disabled the firewall and selinux ( temporarily for testing
>>> )
>>>
>>>
>>> The following works with no issues for http on port 80.
>>>
>>>
>>> sudo python3.6 manage.py runmodwsgi --setup-only --port=80 --user apache
>>> --group apache --server-root=/etc/mod_wsgi-express-80
>>>
>>> I get the following error when trying to access it over https/443. Below is
>>> the command I run to set it up.
>>>
>>> sudo python3.6 manage.py runmodwsgi --setup-only --user=apache
>>> --group=apache --server-root=/etc/mod_wsgi-express-443 --https-only
>>> --https-port=443 --ssl-certificate-file=/etc/pki/tls/certs/localhost.crt
>>> --ssl-certificate-key-file=/etc/pki/tls/private/localhost.key
>>> --server-name=myhost.local
>>>
>>>
>>> Web browser
>>>
>>> Forbidden
>>>
>>> You don't have permission to access /login/ on this server.
>>>
>>> Error Log
>>>
>>> [Wed Apr 11 18:47:33.429059 2018] [mpm_event:notice] [pid 12053:tid
>>> 140251110680704] AH00489: Apache/2.4.6 (CentOS) mod_wsgi/4.6.4 Python/3.6
>>> OpenSSL/1.0.2k-fips configured -- resuming normal operations
>>> [Wed Apr 11 18:47:33.429098 2018] [core:notice] [pid 12053:tid
>>> 140251110680704] AH00094: Command line: 'httpd (mod_wsgi-express) -f
>>> /etc/mod_wsgi-express-443/httpd.conf -D MOD_WSGI_VIRTUAL_HOST -D
>>> MOD_WSGI_WITH_HTTPS -D MOD_WSGI_HTTPS_ONLY -D
>>> MOD_WSGI_MPM_ENABLE_EVENT_MODULE -D MOD_WSGI_MPM_EXISTS_EVENT_MODULE -D
>>> MOD_WSGI_MPM_EXISTS_WORKER_MODULE -D MOD_WSGI_MPM_EXISTS_PREFORK_MODULE'
>>> [Wed Apr 11 18:47:50.725314 2018] [authz_core:error] [pid 12061:tid
>>> 140251110143744] [client 10.16.18.11:63623 <http://10.16.18.11:63623/>]
>>> AH01630: client denied by server configuration:
>>> /etc/mod_wsgi-express-443/htdocs/login
>>>
>>>
>>> Many thanks.
>>>
>>>
>>>
>>> --
>>> You received this message because you are subscribed to the Google Groups
>>> "modwsgi" group.
>>> To unsubscribe from this group and stop receiving emails from it, send an
>>> email to modwsgi+u...@ <>googlegroups.com <http://googlegroups.com/>.
>>> To post to this group, send email to mod...@ <>googlegroups.com
>>> <http://googlegroups.com/>.
>>> Visit this group at https://groups.google.com/group/modwsgi
>>> <https://groups.google.com/group/modwsgi>.
>>> For more options, visit https://groups.google.com/d/optout
>>> <https://groups.google.com/d/optout>.
>>
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "modwsgi" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to [email protected]
>> <mailto:[email protected]>.
>> To post to this group, send email to [email protected]
>> <mailto:[email protected]>.
>> Visit this group at https://groups.google.com/group/modwsgi
>> <https://groups.google.com/group/modwsgi>.
>> For more options, visit https://groups.google.com/d/optout
>> <https://groups.google.com/d/optout>.
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "modwsgi" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected]
> <mailto:[email protected]>.
> To post to this group, send email to [email protected]
> <mailto:[email protected]>.
> Visit this group at https://groups.google.com/group/modwsgi
> <https://groups.google.com/group/modwsgi>.
> For more options, visit https://groups.google.com/d/optout
> <https://groups.google.com/d/optout>.
>
--
You received this message because you are subscribed to the Google Groups
"modwsgi" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at https://groups.google.com/group/modwsgi.
For more options, visit https://groups.google.com/d/optout.
