configuration question

2003-08-19 Thread Henrik Bentel 
Hi

I have a web app which serves both static and non static content, both 
secure and unsecure(https and http).
Now, all my ssl configuration is under my secure virtual host, such that it 
applies to everything. However, I have quite a bit static content(images, 
css, javascript.,...) which doesn't need to be very secure. I somewhat only 
want to secure my dynamic content.
But, I don't want to generate absolute URLs on the fly to link to 
non-secure static content. What I want is to make request to certain urls 
less secure such that processing is faster. For example, I have a 
directory called art, which is just a defined alias for a directory. Is 
there a way to make ssl processing for this directory less restrictive than 
for the generic requests to the virtual host so that processing is faster?

Home someone can help

Henrik Bentel

__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

Re: configuration question

2003-08-19 Thread Henrik Bentel 
At 02:22 AM 8/19/2003 -0400, you wrote:
On Wed, 20 Aug 2003, Henrik Bentel wrote:

 Now, all my ssl configuration is under my secure virtual host, such that it
 applies to everything. However, I have quite a bit static content(images,
 css, javascript.,...) which doesn't need to be very secure. I somewhat only
 want to secure my dynamic content.
If I understand your question correctly, what you're wanting is to have
some web page that's served up with https, but to have the images on that
page be served by regular http.  You could do that, but every browser I
know of will throw a security warning in that case.  You can't mix secure
and non-secure content in the same document.
Does that answer your question?
Hi

not quite.
I still want everything under https, but I was wondering if there is a way 
to speed up processing per directory directive but still use https, such as 
my image -directory.
Currently I have everything for ssl configured  in the virtual host and 
server config. SSL configuration included below.
Certificate is self signed from 1024 bit RSA key.

Listen 443
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLPassPhraseDialog builtin
SSLSessionCache dbm:/var/opt/apache/run/ssl_scache
SSLSessionCacheTimeout 300
SSLMutex sem
#SSLMutex file:/var/opt/apache/run/ssl_mutex
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
ErrorLog /var/log/httpd/secure_error_log
CustomLog /var/log/httpd/secure_access_log common
LogLevel warn
VirtualHost 192.168.1.1:443
ServerName 192.168.1.1
DocumentRoot /opt/mydocRoot
ErrorLog /var/log/httpd/secure_error_log
TransferLog /var/log/httpd/secure_access_log
LogLevel warn
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXP56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /opt/app/conf/mycert.crt
SSLCertificateKeyFile /opt/app/conf/mycert.key
SetEnvIf User-Agent .*MSIE.* \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
#CustomLog /var/log/httpd/ssl_request_log %t %h %{SSL_PROTOCOL}x 
%{SSL_CIPHER}x \%r\ %b
/VirtualHost



-Henrik Bentel

--Cliff
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]