Thanks so much for the reply. I guess I didn't understand the SSLRequireSSL directive; it's an enforcement directive then. I mistook it for a redirector (don't ask how I arrived at that conclusion :-(doh) ). May I press on? As I previously mentioned, I installed a web mail program on my mail server, and through its conf file, ahve it SSL-enabled. Users reach that program by being redirected by our web server (using the directive "redirect /webmailprog https://mailserver.mydomain.com/webmailprog";, and it works great. Now, however, if I add a similar redirector on the mail server to try and see that http://mailserver/program goes to https://mailserver/program, I get a complaint that there are too many redirectors for this http server. Point of story - how can I make sure that http:// goes to https://? For that matter, how can I set up so that any particular directory is SSL-enabled and http:// is redirected to https://? I appreciate your help. Dimitri On Friday October 07 2005 2:34 am, Axel-Stéphane SMORGRAV wrote: > I guess the problem is that you made a request over a non-SSL connection, > and the error you get is exactly what SSLRequireSSL is supposed to do when > the resource is accessed over a non-SSL connection. > > Make sure that your request is submitted using the HTTPS scheme, i.e. > https://myserver/mailscanner (or similar). Also make sure that all the > requests for embedded documents are also made using HTTPS. Some of the > documents that you receive may well contain links using the HTTP scheme > rather than HTTPS. > > A good tool for tracking such issues is HTTPWatch for IE, or > LiveHTTPheaders for FireFox. > > -ascs > > -----Original Message----- > From: Dimitri Yioulos [mailto:dyioulos@xxxxxxxxxxxxx] > Sent: Thursday, October 06, 2005 9:28 PM > To: users@xxxxxxxxxxxxxxxx > Subject: [users@httpd] SSL and directories > > Hello to all. > > I'm pretty new to apache and ssl. I have httpd-2.0.46-46.3.ent.centos.1 > and mod_ssl-2.0.46-46.3.ent.centos.1 installed on a CentOS 3.3 box. I have > an SSL cert installed, and SSLCertificateFile and SSLCertificateKey > locations specified correctly in ssl.conf. I have a web mail app which I'm > now able to access via SSL (but I did the SSL config in the app itself), so > I'm pretty confident the basic SSL setup is correct. > > I want to access another web-based program (Mailwatch for MailScanner, no > SSL config directives in the program) via SSL. According to everything I > read, I should add the directive: > > <Directory /var/www/html/mailscanner> > SSLRequireSSL > </Directory> > > to my httpd.conf file. When I do this, and restart httpd, I get a 403 > error. The httpd error log reads "access to var/www/html/mailscanner/ > failed, reason: SSL connection required". > > This is driving me crazy. Would someone be kind enough to point out my > faux-pas? > > Many thanks. > > Dimitri > > --------------------------------------------------------------------- > The official User-To-User support forum of the Apache HTTP Server Project. > See <URL:http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx > " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|