How to redirect http to https with Apache/SVN/SSL
Daniel B. Thurman
dant at cdkkt.com
Mon May 11 17:25:25 UTC 2009
Patrick W. Barnes wrote:
> On Monday 11 May 2009 11:18:53 Craig White wrote:
>
>> On Mon, 2009-05-11 at 07:44 -0700, Daniel B. Thurman wrote:
>>
>>> Craig White wrote:
>>>
>>>> ----
>>>> try...
>>>>
>>>> RedirectPermanent /svn/ https://host.domain.com/svn
>>>>
>>>> Craig
>>>>
>>> Thanks, but it does not work:
>>> $ svn list http://host.domain.com/svn/svn1
>>> svn: PROPFIND request failed on '/svn/svn1'
>>> svn: PROPFIND of '/svn/svn1': 301 Moved Permanently
>>> (http://host.domain.com)
>>>
>> ----
>> if this is what it actually reported, then you didn't implement
>> correctly. What is document root in /etc/http/conf.d/ssl.conf ?
>>
>>
>
> Actually, that is exactly the documented behavior. RedirectPermanent sends
> back a 301 status message to the client. A web browser would respond by
> quietly following the redirect, but Subversion does not do that. Subversion,
> when presented with any 30x redirect, will dump a message and fail rather than
> follow the redirect... which is exactly why it will never do what Daniel wants
> it to do.
>
So, does that mean there is no solution that can work for what I
am trying to do? I was also hoping to confine redirection only
to the /svn location.
From everywhere I looked on the Internet, many claim to get it
working but I have not been able to duplicate it. I constantly get
various errors from the different schemes I have tried, to force
redirection from http to https for subversion @ /svn only.
Using the Proxy command, it sorta works but as you pointed it out,
and I have verified it, the http works except that it does not actually
"switch" to https asking for an SSL self-signed certificate but it works
if I use the https:// URL string.
I sure hope it is not something I have done wrong in my conf.d/*.conf
files as I discovered that my early attempts in setting up a basic SVN
setup was foiled by having system-config-httpd.conf overriding everything
and by removing this file, I was able to get to the point where I am now.
More information about the fedora-list
mailing list