Re: How to redirect http to https with Apache/SVN/SSL [SOLVED]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Mon, May 11, 2009 at 12:18 PM, Daniel B. Thurman <dant@xxxxxxxxx> wrote:
> Arthur Pemberton wrote:
>>
>> On Mon, May 11, 2009 at 9:51 AM, Daniel B. Thurman <dant@xxxxxxxxx> wrote:
>>
>>>
>>> Patrick W. Barnes wrote:
>>>
>>>>
>>>> On Sunday 10 May 2009 19:26:51 Daniel B. Thurman wrote:
>>>>
>>>>
>>>>>
>>>>> DRAT!  TYPO!
>>>>>
>>>>> Should be:
>>>>>
>>>>> <VirtualHost host.domain.com:80>
>>>>>  ServerName host.domain.com
>>>>>  CustomLog /svn/Admin/logs/access.log combined
>>>>>  ErrorLog  /svn/Admin/logs/error.log
>>>>>  SSLProxyEngine on
>>>>>  ProxyPass / https://host.domain.com/
>>>>>  ProxyPassReverse / https://host.domain.com/
>>>>> </VirtualHost>
>>>>>
>>>>> <VirtualHost host.domain.com:443>
>>>>>  [...]
>>>>> </VirtualHost>
>>>>>
>>>>> My mistake was the 2nd VirtualHost clause where 80 should be 443:
>>>>>
>>>>> Now, that's better ;)
>>>>>
>>>>>
>>>>
>>>> Keep in mind that having Apache proxy non-HTTPS queries will mean that
>>>> the
>>>> link from the client to the server will NOT be SSL-protected.  Traffic
>>>> from
>>>> the SVN client to your server will be in the clear.
>>>>
>>>>
>>>
>>> Sigh,  I tested http://[...] and it appears that SSL certification is not
>>> being requested, so it appears that you are correct.
>>>
>>> I will keep trying.  If anyone has a (potential) solution, please let me
>>> know?
>>>
>>
>>
>> Why don't you just turn of http? And/or redirect all http to https?
>>
>
> Then that would mean that my normal website for anonymous users
> would be forced use https when it is not required?
>
> As it is, I could just drop the <VirtualHost host.domain.com:80>
> code block for subversion and who cares if subversion reports an error
> for those attempting to use the http:[...]/svn/svnX string, as it would
> not be allowed except for https.
>
> Seems nicer to force http to https only for /svn requests but perhaps
> there is no solution/support for it...  from what I can tell, others have
> claimed to get this to work but I have not been able to duplicate it.

Put a redirect to https inside a <Location> tag then

-- 
Fedora 10
(www.pembo13.com)

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux