How to redirect http to https with Apache/SVN/SSL [SOLVED]
Daniel B. Thurman
dant at cdkkt.com
Fri May 15 02:57:05 UTC 2009
Bill Davidsen wrote:
> Daniel B. Thurman wrote:
>> Patrick W. Barnes wrote:
>>> On Sunday 10 May 2009 19:26:51 Daniel B. Thurman wrote:
>>>
>>>> DRAT! TYPO!
>>>>
>>>> Should be:
>>>>
>>>> <VirtualHost host.domain.com:80>
>>>> ServerName host.domain.com
>>>> CustomLog /svn/Admin/logs/access.log combined
>>>> ErrorLog /svn/Admin/logs/error.log
>>>> SSLProxyEngine on
>>>> ProxyPass / https://host.domain.com/
>>>> ProxyPassReverse / https://host.domain.com/
>>>> </VirtualHost>
>>>>
>>>> <VirtualHost host.domain.com:443>
>>>> [...]
>>>> </VirtualHost>
>>>>
>>>> My mistake was the 2nd VirtualHost clause where 80 should be 443:
>>>>
>>>> Now, that's better ;)
>>>>
>>>
>>> Keep in mind that having Apache proxy non-HTTPS queries will mean
>>> that the link from the client to the server will NOT be
>>> SSL-protected. Traffic from the SVN client to your server will be
>>> in the clear.
>>>
>> Sigh, I tested http://[...] and it appears that SSL certification is
>> not
>> being requested, so it appears that you are correct.
>>
>> I will keep trying. If anyone has a (potential) solution, please let
>> me know?
>>
> I think you had it with the redirect causing an error in svn. The
> change to https needs to be done at the request end (AFAIK) so if svn
> can't/won't do that properly you are better off failing it with a
> useful error than having the traffic to you be unencrypted.
>
> My opinion only, the client is not working in a good way, break it
> rather than having it work in an actively BAD way.
Yes, that was what I thought, since there is no real way
to get a redirect with svn in the picture. I tried it in all
sorts of ways but was not able to. It would be nice if
there was a way to do a redirect cleanly, but alas, it's
not to be had.
More information about the fedora-list
mailing list