John Farrell wrote:
>
> Yes, I noticed the existence of SSLRequireSSL, but eschewed it because the
> documentation suggests that it has a granularity of: directory, whereas I
> believe there should be a way to specify SSL _only_ for even a specific
> file, which may be in a directory that is not
Yes, I noticed the existence of SSLRequireSSL, but eschewed it because the
documentation suggests that it has a granularity of: directory, whereas I
believe there should be a way to specify SSL _only_ for even a specific
file, which may be in a directory that is not SSL _only_ ...
Further, in
I've never used the directive, but according to ./https -h
and http://www.apache-ssl.org/docs.html#SSLRequireSSL
the actual directive appears to be SSLRequireSSL.
Brian
"Boyce, Nick" wrote:
>
> >> So, I added this to my apache.conf
> >
> >
> > SSLRequire ( true )
> >
> >
> [snip]
> > The pro
>> So, I added this to my apache.conf
>
>
> SSLRequire ( true )
>
>
[snip]
> The problem is, after adding that configuration line, I can still go to
> /secure with my browser, and it doesn't start a SSL session. I don't
> understand this at all - it seems really easy ... sslREQUIRE leads me
Thanks to some help from this list, and others, I got apache+openssl/etc up
and running (I know it is up and running, because when I do
httpS://mysite/some.page, it starts a SSL session, I get the little lock on
my browser, etc.)
So, I added this to my apache.conf
SSLRequire ( true )
(yes
