Brian Candler wrote: > On Wed, Jan 14, 2004 at 11:46:17AM -0600, Rick Weinbender wrote: > > I've tried the setup below, but it won't display > > the login page. > > * > > ./configure --with-db=gdbm \ > > --enable-https \ > > So what do get? > > Your webserver has to be correctly configured for https operation, of > course. > > Try this: > > $ openssl s_client -connect www.yourdomain.com:443 > GET /cgi-bin/sqwebmail?index=1 HTTP/1.0 > Host: www.yourdomain.com > <blank line> > > You should get back a HTML frameset. If that works, replace "index=1" with > "noframes=1" and see what you get back. > > > The manual (quoted below) says that it is the default option. > > "[1]http:// or [2]https:// URLs, appropria--enable-https=auto > > - this is now the default option...." > > Yes. That means if you go in with http:// then it will stay http:, and if > you go in https:// then it will stay https: (i.e. all the embedded links in > the page are all either http: or https: respectively) > > > I'm most interested in the password info being encrypted. > > --enable-https=login > > That makes the login page https:, but all subsequent pages http:. It's the > option of choice if you have a very busy CPU and want to minimise encryption > overhead. > > Brian.
******************************************** >>So what do get? I tried it just now with only the --enable-https=login I get an initial login screen, but when I enter username and password, it just takes me to a blank web page. * >>Try this: >>$ openssl s_client -connect www.yourdomain.com:443 >>GET /cgi-bin/sqwebmail?index=1 HTTP/1.0 >>Host: www.yourdomain.com >> <blank line> This is probably a stupid question, but where does the above code go? I am running Apache. Thanks, -Rick
