"Alec Munro" <alec.munro@eoascientific.com> writes:
I guess I misphrased it. I need a secure method of communication with Zope. I want to be able to log in to the ZMI, or other administration tools, from a remote location, without sending passwords flying across the internet in cleartext. The server is a dedicated box in San Antonio, and I'm in Halifax. I don't actually need the communication between Apache and Zope to be secure, at least as long as they are behind the same firewall.
I think I've got it figured out anyway, but I would still appreciate suggestions.
Thanks,
Alec
This is what we did for apache + zope. There may be better ways. Make sure you have mod_ssl installed. Add this section for your <host.domain.com> and <ip-address> in httpd.conf and restart apache. I tested it by watching tcpdump -x | hex2ascii. There were no cleartext passwords and the content was also protected. <VirtualHost ip-address:443> ServerName host.domain.com DocumentRoot /var/inet/html SSLEngine on SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown RewriteEngine on # Do not allow use of the Zope management interfaces. RewriteCond %{REQUEST_URI} manage RewriteRule manage - [F] RewriteRule ^/(.*) http://localhost:8080/VirtualHostBase/https/host.domain.com:443/intranet/Vir... [P,L] </VirtualHost> Ricardo Anguiano anguiano@codesourcery.com CodeSourcery, LLC http://www.codesourcery.com