Hi, I've put together a HTTPS_Server for ZServer, based on my https_server. Let's say I run HTTPS_Server at https://127.0.0.1:8443. I can get to Zope's default main screen; however the url's returned are http, e.g., http://127.0.0.1:8443/QuickStart. That is, these are _http_ urls pointing to my _https_ server. Naturally, when I connect to such a url, the server generates a SSL23_GET_CLIENT_HELLO error, because my browser is talking http, not https. Using HTTPServer, I look at the DTML for index_html and see: <a href="<!--#var URL1-->/QuickStart/">QuickStart</a> material. Browse around the web UI... Didn't see anywhere to change URL1 easily. So, RTFM... Ok, found the explanation for URLn under "name lookup" in the DTML Reference. Fine. But I'm still stuck. Thus, my questions are: why is "http" hardcoded, and where do I change it? TIA. Cheers. PS. https_server comes with M2Crypto. http://www.post1.com/home/ngps PPS. I'm not subscribed to the list. Please cc your replies to me. -- Ng Pheng Siong <ngps@post1.com>
At 10:54 PM 10/11/99 +0800, Ng Pheng Siong wrote:
I've put together a HTTPS_Server for ZServer, based on my https_server.
Interesting, I'd like to hear more about this project. [base URL is http:// not https://] Perusing the ZPublisher sources it appears the HTTPS=on must be set in the environment in order for ZPublisher to set a base URL that begins https:// I believe that just setting this environment variable will fix this for you. If not, you'll need to hack ZServer/HTTPServer.py to put HTTPS=on in ZServer's environment. This would probably be done in zhttp_handler.get_environment. Good luck! -Amos
Amos Latteier and Anthony Baxter illuminated thusly:
HTTPS=on
Capital! This was it. Thanks! I've put together a tarball of my additions to ZServer to do https. It can be had here: http://www.post1.com/home/ngps/m2 Here's the README_SSL.txt from the tarball: 12 Oct 1999 ------------- This is a drop-in (well, almost) enhancement to Zope-2.0.1-src to enable https support. Unpack the package in Zope's top-level directory. The files in the tarball are additions to the standard distribution, except ZServer/__init__.py; i.e., the only file clobbered when you unpack this package is ZServer/__init__.py. For the careful, here's the diff to ZServer/__init__.py: --- __init__.py.org Tue Oct 12 22:21:35 1999 +++ __init__.py Tue Oct 12 22:21:35 1999 @@ -121,6 +121,7 @@ from medusa import resolver, logger, asyncore from HTTPServer import zhttp_server, zhttp_handler +from HTTPS_Server import zhttps_server from PCGIServer import PCGIServer from FTPServer import FTPServer from PubCore import setNumberOfThreads The file ca.pem contains my CA certificate. The file server.pem contains a certificate for the server, signed by the CA; its RSA private key is not protected by a passphrase. These certificates are for DEMONSTRATION only. SSL support is provided by M2Crypto, which is available at: http://www.post1.com/home/ngps/m2 Please use the current snapshot. Obtain and install M2Crypto. Then start the Zope https server thusly: ./starts -W 8443 <usual other parameters> HTTPS=on Note that this is alpha software, no warranty, etc. Feedback is very much appreciated. Cheers. -- Ng Pheng Siong <ngps@post1.com>
participants (2)
-
Amos Latteier -
Ng Pheng Siong