Le 30 janv. 06, à 22:32, Tino Breddin a écrit :
...Your workaround seem to be useful for our application..
I don't consider it a workaround - I would *never* put anything else than httpd as the front-end of a production site.
... The only thing i do not know right now, is how to tell apache that only the connections with a special prefix should be secured...
http and https use different port numbers, so you will need two virtual hosts if you want to serve parts of your site without SSL.
IMHO a clean way of doing this is to use different hostnames, like https://apps.mydomain.com and http://files.mydomain.com - this helps avoid any confusion about what's secure and what's not.
-Bertrand
smime.p7s
Description: S/MIME cryptographic signature
