Re: SSL and ProxyPass
Ragnar Beer <rbeer@uni-goettingen.de> wrote:
Using Apache's ProxyPass with ZServer seems much easier than the CGI modal. Is there any reason not to use this? http://www.zope.org/Members/anser/apache_zserver
I haven't found anything in the HowTo that says how one would deal with SSL so I _guess_ it's not possible. Is that true?
With Apache, it is more usually the case that unless someone specifically says something is NOT possible, there is a way to do it. :) ProxyPass creates a complete separate TCP connection on the backside. Assuming you want to use an SSL connection between the users and your Apache front end, and a non-SSL connection between the Apache proxy and your Zope back server, Apache does this easily. Just make sure Apache is built with SSL support, and add the SSLEngine, SSLCertificateFile, and SSLCertificateKeyFile directives to the overall config or VirtualHost section.
anser wrote:
I haven't found anything in the HowTo that says how one would deal with SSL so I _guess_ it's not possible. Is that true?
ProxyPass creates a complete separate TCP connection on the backside. Assuming you want to use an SSL connection between the users and your Apache front end, and a non-SSL connection between the Apache proxy and your Zope back server, Apache does this easily. Just make sure Apache is built with SSL support, and add the SSLEngine, SSLCertificateFile, and SSLCertificateKeyFile directives to the overall config or VirtualHost section.
Won't there problems with BASE? The SiteRoot objects set the base to "http://www.example.com", not "https://www.example.com". -- Itamar S.T. itamar@maxnm.com
On Thu, May 11, 2000 at 11:19:20AM +0300, Itamar Shtull-Trauring wrote:
Won't there problems with BASE? The SiteRoot objects set the base to "http://www.example.com", not "https://www.example.com".
Magic setting "HTTPS=on" on the 'start' command line should do it. -- Ng Pheng Siong <ngps@post1.com> * http://www.post1.com/home/ngps
participants (3)
-
anser -
Itamar Shtull-Trauring -
Ng Pheng Siong