I found the answear to this this a year ago, but can no longer find where I found it. I have a Zope site set up with modrewrite and apache so that Zope shows up as the root of the site: RewriteEngine on RewriteRule ^/static/(.*) /home/httpd/html/$1 [l] RewriteRule ^/cgi-bin/(.*) /home/httpd/cgi-bin/$1 [e=HTTP_CGI_AUTHORIZATION:%1,t=application/x-httpd-cgi,l] RewriteCond %{HTTP:Authorization} ^(.*) RewriteRule ^/(.*) /home/httpd/cgi-bin/Zope/$1 [e=HTTP_CGI_AUTHORIZATION:%1,t=application/x-httpd-cgi,l] (I know the format is wrong, this email client added carriage returns, but it works as typed in the server withour CRs.) I added modssl, but when I go in on an https I get the original apache root page, and can only access zope at https://address/cgi-bin/Zope . Furthermore, since the SSL connection is not going through modrewrite I cannot log in over SSL, I can just view the pages that anonymous has access to (none). How do I modify the above to make it work with ssl connections (it does not need to work with non-ssl connection since I will disable non-ssl as soon as I get ssl working. Sorry this is a little incoherant, I am suffering from jet-lag. -Harry