[Zope] Install Zope correctly (Some more comments)

Oliver Marx oliver@tekk.dk
Fri, 26 Jul 2002 04:09:24 +0200 

It seems that:

    SSLEngine on
    SSLCertificateFile /var/zope-sites/FooBar/conf/ssl/server.pub
    SSLCertificateKeyFile /var/zope-sites/FooBar/conf/ssl/server.key
    SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
    SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown

is a problem under normal http.

Often you see this par of the SSL in a pair of <VirtualHost > </VirtualHost>

\Oliver - which will continue to work on this problem.

>>-----Original Message-----
>>From: zope-admin@zope.org [mailto:zope-admin@zope.org]On Behalf Of
>>Oliver Marx
>>Sent: 26. juli 2002 01:48
>>To: Zope mailinglist
>>Subject: [Zope] Install Zope correctly
>>
>>
>>Dear List
>>
>>I have just read this:
>>http://www.zope.org/Members/beacon/install_instructions
>>
>>And I and a bit confused over this part: btw - the comments are mine.
>>
>>#Client is connection to www.foobar.net and we do the RewriteRule dance.
>>
>>    ServerName foobar.net
>>    ServerAlias www.foobar.net  # What the f..k ServerAlias outside
>><VirtualHost> !! ??
>>    ServerAdmin admin
>>    DocumentRoot /var/zope-sites/FooBar/static
>>    CustomLog /var/zope-sites/FooBar/logs/access_log combined
>>    RewriteEngine on
>>    RewriteRule ^/images/ - [L]
>>    RewriteRule ^/(.*)
>>http://127.0.0.1:8080/VirtualHostBase/http/foobar.net:80/MySites/F
>>ooBar/Virt
>>ualHostRoot/$1 [P]
>>
>>
>> # The intention with this part seems to be that if the client tries to
>>connect to manage.foobar.net via http he is forced to use https.
>>
>>    ServerName manage.foobar.net  # ?? ServerName used as a condition?
>>    ServerAdmin admin
>>    RewriteEngine on
>>    RewriteCond %{SERVER_PORT}	!443
>>    RewriteRule ^/(.*) https://manage.foobar.net/$1 [P]
>>
>>
>># The client is connecting to manage.foobar.net via https and we do the
>>usual RewriteRule dance.
>>
>>    ServerAdmin admin
>>    DocumentRoot /var/zope-sites/FooBar/static
>>    CustomLog /var/zope-sites/FooBar/logs/access_log combined
>>    ServerName manage.foobar.net
>>    RewriteEngine on
>>    RewriteRule ^/images/ - [L]
>>    RewriteRule ^/(.*)
>>http://127.0.0.1:8080/VirtualHostBase/https/manage.foobar.net:443/
MySites/Fo
oBar/VirtualHostRoot/$1 [P]
    SSLEngine on
    SSLCertificateFile /var/zope-sites/FooBar/conf/ssl/server.pub
    SSLCertificateKeyFile /var/zope-sites/FooBar/conf/ssl/server.key
    SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
    SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown

How on earth is this supposed to work?
AFAIK One cannot use ServerName as a condition the way it seems to be used
here.

All comments welcome!

\Oliver
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.371 / Virus Database: 206 - Release Date: 13-06-2002


_______________________________________________
Zope maillist  -  Zope@zope.org
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists -
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )
---
Incoming mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.371 / Virus Database: 206 - Release Date: 13-06-2002

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.371 / Virus Database: 206 - Release Date: 13-06-2002