Re: [Zope] ZServer+SiteAccess+Apache+SSL
Wayne, I just wrote a HOWTO documenting how to do exactly that. One thing that I didn't mention (that I probably should have) is that communication between Apache and ZServer is not necessarily secure, so you'll definitely want them both on the same machine! http://www.zope.com/Members/unfo/apche_zserver_ssl/index_html Good luck, T.J. - Original Message - From: Wayne Izatt [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, June 20, 2000 1:11 AM Subject: [Zope] ZServer+SiteAccess+Apache+SSL I've just managed to get ZServer running behind Apache with SiteAccess (thanks for the how-to, anser!) Now, has anyone managed to configure SSL into a mix like this? Seems to me I should be able to go through the standard SSL setup for Apache, and not worry too much more abou the ZServer component of the architecture. thanks Wayne ___ Zope maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev ) ___ Zope maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
RE: [Zope] ZServer+SiteAccess+Apache+SSL
I got Apache+mod_ssl+OpenSSL working, and I just threw it into the mix. I have two virtual hosts, one HTTP on port 80 and one SSL on port 443. Both do nothing but ProxyPass to the same http:// address on port 9080. I don't know if I like that solution, though. This solution "looks" secure, but I'm not so sure. It's a secure connection between the client and the server, and, since Zope and Apache are on the same machine, there's no insecure communication over our LAN. However, if I happen to have a hacker running a packet sniffer on my server, I'm screwed. Any comments on this? I may just have to go the hard way and do Apache+fastcgi...? --- In [EMAIL PROTECTED], Wayne Izatt [EMAIL PROTECTED] wrote: I've just managed to get ZServer running behind Apache with SiteAccess (thanks for the how-to, anser!) Now, has anyone managed to configure SSL into a mix like this? Seems to me I should be able to go through the standard SSL setup for Apache, and not worry too much more abou the ZServer component of the architecture. thanks Wayne ___ Zope maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev ) ___ Zope maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
RE: [Zope] ZServer+SiteAccess+Apache+SSL
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of T.J. Mannos Sent: Wednesday, June 21, 2000 9:42 AM To: IPM Return requested Receipt notification requested Subject: RE: [Zope] ZServer+SiteAccess+Apache+SSL I got Apache+mod_ssl+OpenSSL working, and I just threw it into the mix. I have two virtual hosts, one HTTP on port 80 and one SSL on port 443. Both do nothing but ProxyPass to the same http:// address on port 9080. I don't know if I like that solution, though. This solution "looks" secure, but I'm not so sure. It's a secure connection between the client and the server, and, since Zope and Apache are on the same machine, there's no insecure communication over our LAN. However, if I happen to have a hacker running a packet sniffer on my server, I'm screwed. If you have a hacker running a sniffer on your server you are screwed regardless of your system configuration. ___ Zope maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )