well .. I finally got M2Crypto to compile (wrong version of swig) and when I went to install it is was wanting to overwrite stuff like /ZServer/__init__.py and whatnot so I cancelled out and backed everything up, thank goodness, because when I did let it overwrite them it destroyed the zope server. I tried everything to get this thing back up and had to fall back on the back-ups. It can't be THIS HARD to get a secure connection on Zope! Thanks for your input. Rick On Wednesday 10 April 2002 11:37 am, you wrote:
On Wed, Apr 10, 2002 at 10:20:09AM -0700, D. Rick Anderson wrote:
What is the best method for implementing SSL for Zope on RedHat 7.1? I've tried the Apache front-end thing and it works for our local network but the web server is behind a firewall and something about portforwarding keeps it from working through the firewall. Isn't there some product that you can simply install into Zope that gives you SSL capability? I looked into MCrypto but it wouldn't compile correctly on this box.
I would look at the portforwarding stuff again. You should definately be able to pierce the firewall for https using portforwarding. I do this all the time. It does lead to other problems (the remote client sees a host name mismatch.)
Otherwise, you are going to have to ssl proxy outside the firewall. The problem with this is that it uses a lot of cycles, so you probably do not want this on the firewall. On the other hand, if you do all of your decryption outside the firewall, you have partially negated the value of having the traffic encrypted in the first place.
Jim Penny
TIA
Rick
_______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )