Re: [Tracks-discuss] Tracks over https

Tue, 10 Feb 2009 00:49:58 -0800

How are you finding the performance? When I did this a while back, the performance took quite a hit. I now run an apache frontend that proxies requests to the mongrel server (which now only binds to localhost). That apache frontend does SSL for me.
I did find one issue with the proxying - if I used anything other than "/" as the proxy path, anything addressed in tracks other than the frontpage wouldn't load (including images, and all tasks, projects, etc). This meant that I have to bind it to a weird port (81 here), since I use 443 to provide the "normal" https services on this box. 

My apache config for this:

NameVirtualHost *:81
Listen 81
<VirtualHost _default_:81>
      SSLEngine on
      SSLProtocol all -SSLv2
      SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
      SSLCertificateFile /etc/pki/tls/certs/myhost.crt
      SSLCertificateKeyFile /etc/pki/tls/private/myhost.key
      RequestHeader set X_FORWARDED_PROTO 'https'
      ProxyPass / http://127.0.0.1:3000/
      ProxyPassReverse / http://127.0.0.1:3000/
      ProxyRequests Off
</VirtualHost>


Ideally I'd use:

      ProxyPass /tracks http://127.0.0.1:3000/
      ProxyPassReverse /tracks http://127.0.0.1:3000/

--
Orlando.


Nicholas Lee wrote:




On Mon, Feb 9, 2009 at 10:31 AM, Stephen Boulet <[email protected] 
<mailto:[email protected]>> wrote:


    I can define a site and run tracks (from a recent git pull) fine
    like so:

    NameVirtualHost *:80
    <VirtualHost *:80>
        Options ExecCGI FollowSymLinks
        DocumentRoot /var/www/tracks/public
        RailsEnv production
    </VirtualHost>

    Changing 80 to 443 gives me a message:

    SSL received a record that exceeded the maximum permissible length.


Sounds like an Apache config error.

Did you add something like the following:
        SSLEngine on
        SSLCertificateFile /etc/apache2/ssl/apache.pem


Nicholas 



------------------------------------------------------------------------

_______________________________________________
Tracks-discuss mailing list
[email protected]
http://lists.rousette.org.uk/mailman/listinfo/tracks-discuss



--
            --
   Dr Orlando Richards
  Information Services
IT Infrastructure Division
       Unix Section
    Tel: 0131 650 4994


The University of Edinburgh is a charitable body, registered in 
Scotland, with registration number SC005336.

_______________________________________________
Tracks-discuss mailing list
[email protected]
http://lists.rousette.org.uk/mailman/listinfo/tracks-discuss






















					Reply via email to