Ken,
Unfortunately, it can be a lengthy process but better
than it was with Apache 1.x. There are docs with the source distribution
of Apache. You will probably need to build it to get a version with ssl
enabled. Below are a few of the things you will need in your http.conf or
an included file.
Regarding your original question, these directives
control listening on ports. If you only have the first one, users will
have to use port 443. So, you probably only want the first
one.
Listen
443
Listen 80
Listen 80
LoadModule ssl_module
modules/mod_ssl.so
# Then
need virtual host
<VirtualHost myhost.yourcompany.com:443>
SSLEngine on
SSLCertificateFile c:/certs/serverCGOEHRING1.pem
SSLCertificateKeyFile c:/keys/serverCGOEHRING1keyUnec.pem
SSLCACertificateFile c:/certs/rootcert.pem
SSLEngine on
SSLCertificateFile c:/certs/serverCGOEHRING1.pem
SSLCertificateKeyFile c:/keys/serverCGOEHRING1keyUnec.pem
SSLCACertificateFile c:/certs/rootcert.pem
SSLProtocol all
SSLCipherSuite HIGH:MEDIUM
SSLOptions +StdEnvVars +StrictRequire
</VirtualHost>
SSLCipherSuite HIGH:MEDIUM
SSLOptions +StdEnvVars +StrictRequire
</VirtualHost>
There
is a lot to it - see the docs.
You
can test by specifying the port in the url like so:
https://myhost.yourcompany.com:443
http://myhost.yourcompany.com:80
http://myhost.yourcompany.com:443
Chuck
-----Original Message-----At 06:57 AM 9/24/2004 -0700, you wrote:
From: kloomis [mailto:[EMAIL PROTECTED]
Sent: Friday, September 24, 2004 12:42 PM
To: [EMAIL PROTECTED]
Subject: RE: Mac users bypass SSL
Ken,
If your server is set up correctly, it won't communicate in any mode other than ssl using the port you assigned. How the browser behaves is controlled by the plethora of setting in the browser and the browser brand. On the public web, it may not always be a browser that connects. Crawlers and other robotic system will be contacting your server. So, make sure your server is setup correctly and it won't matter what choices the user has made in the preferences of the browser - they will be able to use your site only if they have the right stuff.
Chuck: Thanks for replying. Yes, that is what I am asking. How do I configure Apache to require an SSL connection on 443?
Ken
Chuck
-----Original Message-----
From: kloomis [mailto:[EMAIL PROTECTED]]
Sent: Thursday, September 23, 2004 9:26 PM
To: [EMAIL PROTECTED]
Subject: Mac users bypass SSL
Hello:
I am using SSL with Apache 2.0 to run a "secure" website. The problem I
have is that Mac users using Internet Explorer open the site without
encryption. They access it via an https:\\ address but they don't get
asked to accept a security certificate and the site opens for them. PC
users are required to accept the certificate before they get access.
How can I fix this.
Thank you,
Ken
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
