How to use Apache 2 with HTTPS only?
Tim
ignored_mailbox at yahoo.com.au
Wed Aug 2 05:54:14 UTC 2006
Vinicius:
>>> I did do "RedirectPermanent / https://myserver.com/", but the site is
>>> presenting an error.
Tim:
>> Which one? The redirecting HTTP one, or the HTTPS one they're directed
>> to?
You haven't answered the above. Which part of the server is presenting
the error.
>>> Both the server and the client use certificates issued by a local CA,
>>> and I created a SSLRequire rule to allow only the client to enter the
>>> site. I think the SSL check failed because of the RedirectPermanent.
>> More details needed. Server configuration, the specific redirection
>> rules, at least.
Vinicius:
> Hello,
>
> I did do the following:
> 1. created a CA certificate;
> 2. created a server certificate signed by the CA;
> 3. created a client certificate, CA as root; Imported it to Firefox;
> 4. created a "SSLRequire" rule to allow only this specific client to
> enter the site. It checks the O, OU and the CN.
> 5. disabled the "Listen" Directive for HTTP.
In what way did you "disable" it? I seem to recall that if you don't
have one, you end up with defaults.
> Now, I would like to use DAV, but the application DAVExplorer's
> (DAVExplorerSSL.sh) authentication fails with the message: "Connection
> error: javavx.net.ssl.SSLPeerUnverifiedException: peer not
> authenticated". I have entered the address https://localhost/upload .
>
> The snippet of httpd.conf regarding DAV:
> "
> <Directory /var/www/upload>
> Dav On
> AuthName "Top Secret"
> AuthUserFile /var/davpasswd
> AuthType Basic
> </Directory>
> "
I'd fix other problems before starting on a new one, but basic
authentication and HTTPS aren't compatible with each other.
--
(Currently running FC4, occasionally trying FC5.)
Don't send private replies to my address, the mailbox is ignored.
I read messages from the public lists.
More information about the fedora-list
mailing list