How to use Apache 2 with HTTPS only?
Vinicius
cviniciusm at uol.com.br
Wed Aug 2 10:04:43 UTC 2006
Tim escreveu:
> Vinicius:
>>>> I did do "RedirectPermanent / https://myserver.com/", but the site is
>>>> presenting an error.
>
> Tim:
>>> Which one? The redirecting HTTP one, or the HTTPS one they're directed
>>> to?
>
> You haven't answered the above. Which part of the server is presenting
> the error.
>
It's in the past now. When I disabled the "Listen" and the
"RedirectPermanent" directives then both the server and the client are
working fine with HTTPS. The server is only serving HTTPS.
>
>>>> Both the server and the client use certificates issued by a local CA,
>>>> and I created a SSLRequire rule to allow only the client to enter the
>>>> site. I think the SSL check failed because of the RedirectPermanent.
>
>>> More details needed. Server configuration, the specific redirection
>>> rules, at least.
>
>
> Vinicius:
>> Hello,
>>
>> I did do the following:
>> 1. created a CA certificate;
>> 2. created a server certificate signed by the CA;
>> 3. created a client certificate, CA as root; Imported it to Firefox;
>> 4. created a "SSLRequire" rule to allow only this specific client to
>> enter the site. It checks the O, OU and the CN.
>> 5. disabled the "Listen" Directive for HTTP.
>
> In what way did you "disable" it? I seem to recall that if you don't
> have one, you end up with defaults.
>
>> Now, I would like to use DAV, but the application DAVExplorer's
>> (DAVExplorerSSL.sh) authentication fails with the message: "Connection
>> error: javavx.net.ssl.SSLPeerUnverifiedException: peer not
>> authenticated". I have entered the address https://localhost/upload .
>>
>> The snippet of httpd.conf regarding DAV:
>> "
>> <Directory /var/www/upload>
>> Dav On
>> AuthName "Top Secret"
>> AuthUserFile /var/davpasswd
>> AuthType Basic
>> </Directory>
>> "
>
> I'd fix other problems before starting on a new one, but basic
> authentication and HTTPS aren't compatible with each other.
>
I have heard that's possible to use DAV and SSL together.
Any ideas, pl'ease?
TIA,
Vinicius.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20060802/21e88b16/attachment-0001.sig>
More information about the fedora-list
mailing list