How to redirect http to https with Apache/SVN/SSL [SOLVED]
Daniel B. Thurman
dant at cdkkt.com
Mon May 11 17:18:47 UTC 2009
Arthur Pemberton wrote:
> On Mon, May 11, 2009 at 9:51 AM, Daniel B. Thurman <dant at cdkkt.com> wrote:
>
>> Patrick W. Barnes wrote:
>>
>>> On Sunday 10 May 2009 19:26:51 Daniel B. Thurman wrote:
>>>
>>>
>>>> DRAT! TYPO!
>>>>
>>>> Should be:
>>>>
>>>> <VirtualHost host.domain.com:80>
>>>> ServerName host.domain.com
>>>> CustomLog /svn/Admin/logs/access.log combined
>>>> ErrorLog /svn/Admin/logs/error.log
>>>> SSLProxyEngine on
>>>> ProxyPass / https://host.domain.com/
>>>> ProxyPassReverse / https://host.domain.com/
>>>> </VirtualHost>
>>>>
>>>> <VirtualHost host.domain.com:443>
>>>> [...]
>>>> </VirtualHost>
>>>>
>>>> My mistake was the 2nd VirtualHost clause where 80 should be 443:
>>>>
>>>> Now, that's better ;)
>>>>
>>>>
>>> Keep in mind that having Apache proxy non-HTTPS queries will mean that the
>>> link from the client to the server will NOT be SSL-protected. Traffic from
>>> the SVN client to your server will be in the clear.
>>>
>>>
>> Sigh, I tested http://[...] and it appears that SSL certification is not
>> being requested, so it appears that you are correct.
>>
>> I will keep trying. If anyone has a (potential) solution, please let me
>> know?
>>
>
>
> Why don't you just turn of http? And/or redirect all http to https?
>
Then that would mean that my normal website for anonymous users
would be forced use https when it is not required?
As it is, I could just drop the <VirtualHost host.domain.com:80>
code block for subversion and who cares if subversion reports an error
for those attempting to use the http:[...]/svn/svnX string, as it would
not be allowed except for https.
Seems nicer to force http to https only for /svn requests but perhaps
there is no solution/support for it... from what I can tell, others have
claimed to get this to work but I have not been able to duplicate it.
More information about the fedora-list
mailing list