Re: HTTPS environment variable is set after .htacces is parsed

On Sat, Mar 01, 2003 at 11:16:11AM -0500, Cliff Woolley wrote: > On Sat, 1 Mar 2003, Domenico Andreoli wrote: > > > dunno, bug submitter used it. shouldn't it work anyway? > > Environment variables are, as a rule, set late in the process because the > use of them has a relatively large performanc

Re: HTTPS environment variable is set after .htacces is parsed

On Sat, 1 Mar 2003, Domenico Andreoli wrote: > dunno, bug submitter used it. shouldn't it work anyway? Environment variables are, as a rule, set late in the process because the use of them has a relatively large performance penalty. They're really only there for communicating with CGI scripts an

Re: Illegal attempt to re-initialise SSL for server

On Sat, 1 Mar 2003, Domenico Andreoli wrote: > ps: may i quote your message? i'd like to include your reply to who > reported the original problem (debian bug report #169083). Sure! It's a public list after all. :) --Cliff -

Re: HTTPS environment variable is set after .htacces is parsed

On Sat, Mar 01, 2003 at 11:02:22AM -0500, Cliff Woolley wrote: > On Sat, 1 Mar 2003, Domenico Andreoli wrote: > > > order deny,allow > > deny from all > > allow from 127.0.0.1 > > allow from env=HTTPS > > Why do you need that env var? Use this instead: dunno, bug submitter used it. shouldn't it

Re: Illegal attempt to re-initialise SSL for server

On Sat, Mar 01, 2003 at 10:59:33AM -0500, Cliff Woolley wrote: > It ought to look like this: > > > SSLEngine on > SSLCertificateFile ... > SSLCertificateKeyFile ... > > > Note that your use of the certificate and key across all virtual hosts, > whether by putting it in the server-wide config or

Re: HTTPS environment variable is set after .htacces is parsed

On Sat, 1 Mar 2003, Domenico Andreoli wrote: > order deny,allow > deny from all > allow from 127.0.0.1 > allow from env=HTTPS Why do you need that env var? Use this instead: order deny,allow deny from all allow from 127.0.0.1 SSLRequireSSL --Cliff

RE: securing one area of a vhost in apache 2

Thanks to all who responded on this question. [ I am now using curl -k to test my self-certified SSL connections :) ] I have also concluded that the standard way to have one `section' of a site handled via SSL is to actually have a separate VirtualHost ... maybe this is obvious but I don't think

Re: Illegal attempt to re-initialise SSL for server

On Sat, 1 Mar 2003, Domenico Andreoli wrote: > CUT HERE -- > # ... > SSLEngine on > SSLCertificateFile /etc/apache/ssl.crt/server.crt > SSLCertificateKeyFile /etc/apache/ssl.key/server.key > > > > # ... > CUT HERE

HTTPS environment variable is set after .htacces is parsed

hi again, with reference to debian bug report #103609 [1], a debian user states that HTTPS environment variable is still not set during the parsinig of .htacces. i'm quoting the relevant part from that report. - CUT HERE --- This ought to work in .htaccess: order deny,a

Illegal attempt to re-initialise SSL for server

hi, i'm able to get this error message with the following configuration file fragment put in the global context: CUT HERE -- # ... SSLEngine on SSLCertificateFile /etc/apache/ssl.crt/server.crt SSLCertificateKeyFile /etc/apache/ssl.key/server.key #