Tim escreveu: > Vinicius: >>>> I did do "RedirectPermanent / https://myserver.com/", but the site is >>>> presenting an error. > > Tim: >>> Which one? The redirecting HTTP one, or the HTTPS one they're directed >>> to? > > You haven't answered the above. Which part of the server is presenting > the error. > It's in the past now. When I disabled the "Listen" and the "RedirectPermanent" directives then both the server and the client are working fine with HTTPS. The server is only serving HTTPS. > >>>> Both the server and the client use certificates issued by a local CA, >>>> and I created a SSLRequire rule to allow only the client to enter the >>>> site. I think the SSL check failed because of the RedirectPermanent. > >>> More details needed. Server configuration, the specific redirection >>> rules, at least. > > > Vinicius: >> Hello, >> >> I did do the following: >> 1. created a CA certificate; >> 2. created a server certificate signed by the CA; >> 3. created a client certificate, CA as root; Imported it to Firefox; >> 4. created a "SSLRequire" rule to allow only this specific client to >> enter the site. It checks the O, OU and the CN. >> 5. disabled the "Listen" Directive for HTTP. > > In what way did you "disable" it? I seem to recall that if you don't > have one, you end up with defaults. > >> Now, I would like to use DAV, but the application DAVExplorer's >> (DAVExplorerSSL.sh) authentication fails with the message: "Connection >> error: javavx.net.ssl.SSLPeerUnverifiedException: peer not >> authenticated". I have entered the address https://localhost/upload . >> >> The snippet of httpd.conf regarding DAV: >> " >> <Directory /var/www/upload> >> Dav On >> AuthName "Top Secret" >> AuthUserFile /var/davpasswd >> AuthType Basic >> </Directory> >> " > > I'd fix other problems before starting on a new one, but basic > authentication and HTTPS aren't compatible with each other. > I have heard that's possible to use DAV and SSL together. Any ideas, pl'ease? TIA, Vinicius.
Attachment:
signature.asc
Description: OpenPGP digital signature
-- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list