Does the Zope webserver have SSL built in? Can I have secured transactions with Zope? How is that achieved?
On Friday 31 May 2002 2:49 pm, Frank Peavy wrote:
Does the Zope webserver have SSL built in?
There are patches to do that, but, unless you have a good reason not to, it would be better to use a front end proxy such as squid or apache, and let them take care of encryption. (the list archives contain all the details about why that is a better approach)
on 5/31/02 10:31 AM, Toby Dickenson at tdickenson@geminidataloggers.com wrote:
Does the Zope webserver have SSL built in?
There are patches to do that, but, unless you have a good reason not to, it would be better to use a front end proxy such as squid or apache, and let them take care of encryption.
Fair enough--but for low volume intranet-like sites, Zope with built-in SSL is very convenient, easy to manage, and has decent performance. Richard Jones has produced a pre-compiled Zope 2.43 with SSL and WebDAV SSL for MacOSX that really makes things easy (and includes his attractive GUI Zope controller): http://www.zope.org/Members/richard/zope_for_osx/ Granted I haven't looked hard, but I have not found a straightforward description of how to do the SSL build. I'd like to put together a package similar to Richard's for Zope 2.51 Jim Harrison Univ. of Pittsburgh
--On 31 May 2002 12:21 -0400 Jim Harrison <jhrsn@pitt.edu> wrote:
Fair enough--but for low volume intranet-like sites, Zope with built-in SSL is very convenient, easy to manage, and has decent performance. Richard Jones has produced a pre-compiled Zope 2.43 with SSL and WebDAV SSL for MacOSX that really makes things easy (and includes his attractive GUI Zope controller):
http://www.zope.org/Members/richard/zope_for_osx/
Granted I haven't looked hard, but I have not found a straightforward description of how to do the SSL build. I'd like to put together a package similar to Richard's for Zope 2.51
Jim: Just to say "yes please". I think it would be good for Zope to be able to say "secure out of the box". Whilst recognising that Apache + Zope will continue to be the preferred route for many, I think it's an extra bit of complexity that the newcomer to Zope can do without. FWIW links to the only recipes for standalone Zope + SSL known to me can be found via <http://www.zope.org/Members/glpb/dwhowto>. As I recall I never quite figured how make the WebDAV port secure using that advice so it would be great if you could straighten things out for me. Paul -- The Library, Tyndall Avenue, Univ. of Bristol, Bristol, BS8 1TJ, UK E-mail: paul.browning@bristol.ac.uk URL: http://www.bris.ac.uk/
On Saturday 01 Jun 2002 6:27 am, Paul Browning wrote:
I think it would be good for Zope to be able to say "secure out of the box".
Good, yes, but it would be alot of work. Just adding SSL support wont do it. Also, its work that would be wasted on the majority of people who do use a front-end proxy.
Whilst recognising that Apache + Zope will continue to be the preferred route for many, I think it's an extra bit of complexity that the newcomer to Zope can do without.
Agreed.
participants (4)
-
Frank Peavy -
Jim Harrison -
Paul Browning -
Toby Dickenson