How to redirect http to https with Apache/SVN/SSL [SOLVED]
Bill Davidsen
davidsen at tmr.com
Wed May 13 19:45:58 UTC 2009
Daniel B. Thurman wrote:
> Patrick W. Barnes wrote:
>> On Sunday 10 May 2009 19:26:51 Daniel B. Thurman wrote:
>>
>>> DRAT! TYPO!
>>>
>>> Should be:
>>>
>>> <VirtualHost host.domain.com:80>
>>> ServerName host.domain.com
>>> CustomLog /svn/Admin/logs/access.log combined
>>> ErrorLog /svn/Admin/logs/error.log
>>> SSLProxyEngine on
>>> ProxyPass / https://host.domain.com/
>>> ProxyPassReverse / https://host.domain.com/
>>> </VirtualHost>
>>>
>>> <VirtualHost host.domain.com:443>
>>> [...]
>>> </VirtualHost>
>>>
>>> My mistake was the 2nd VirtualHost clause where 80 should be 443:
>>>
>>> Now, that's better ;)
>>>
>>
>> Keep in mind that having Apache proxy non-HTTPS queries will mean that
>> the link from the client to the server will NOT be SSL-protected.
>> Traffic from the SVN client to your server will be in the clear.
>>
> Sigh, I tested http://[...] and it appears that SSL certification is not
> being requested, so it appears that you are correct.
>
> I will keep trying. If anyone has a (potential) solution, please let me
> know?
>
I think you had it with the redirect causing an error in svn. The change to
https needs to be done at the request end (AFAIK) so if svn can't/won't do that
properly you are better off failing it with a useful error than having the
traffic to you be unencrypted.
My opinion only, the client is not working in a good way, break it rather than
having it work in an actively BAD way.
--
Bill Davidsen <davidsen at tmr.com>
"We have more to fear from the bungling of the incompetent than from
the machinations of the wicked." - from Slashdot
More information about the fedora-list
mailing list