[Zope] SSL config question
AM
list_subscriber@neurobs.com
Thu, 23 Jan 2003 11:15:43 -0800
addendum:
I get an
(20014)Error string not specified yet:
in my error logs.
any ideas.
TIA
AM
AM wrote:
> Hi,
>
> I am running Zope 2.6 on RH7.3 with Python 2.1.3 and Apache 2.x
> In my setup I have a firewall running open bsd and the zope server
> running on another box running behind it. The firewall lets in HTTP
> and HTTPS based on ports to the internal machine based on a specific
> IP. I have managed to configure the zope server as a virtual host on
> the machine.
>
> When I tried to set it up for SSL I ran into problems. When I type in
> https://.... my browser just waits forever.
> I have included my ssl.conf. The SSL for the apache works, but it
> doesnt work for th zope part.
>
> Any help would be appreciated.
>
> TIA
> AM
>
>
>------------------------------------------------------------------------
>
><IfDefine SSL>
>
>Listen 443
>
>AddType application/x-x509-ca-cert .crt
>AddType application/x-pkcs7-crl .crl
>
>SSLPassPhraseDialog builtin
>SSLSessionCache dbm:logs/ssl_scache
>SSLSessionCacheTimeout 300
>SSLMutex file:logs/ssl_mutex
>SSLRandomSeed startup builtin
>SSLRandomSeed connect builtin
>
>NameVirtualHost 192.168.10.172:443
>
><VirtualHost 192.168.10.172:443>
>
>UseCanonicalName Off
>DocumentRoot "/var/local/apache/htdocs"
>ServerName www.domain.com:443
>ServerAdmin webmaster@domain.com
>ErrorLog logs/ssl_error_log
>TransferLog logs/ssl_access_log
>
>SSLEngine on
>SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
>SSLCertificateFile /usr/share/ssl/nbs.crt
>SSLCertificateKeyFile /usr/share/ssl/nbs.pem
>
><Files ~ "\.(cgi|shtml|phtml|php3?)$">
> SSLOptions +StdEnvVars
></Files>
><Directory "/var/local/apache/cgi-bin">
> SSLOptions +StdEnvVars
></Directory>
>
>SetEnvIf User-Agent ".*MSIE.*" \
> nokeepalive ssl-unclean-shutdown \
> downgrade-1.0 force-response-1.0
>
>CustomLog logs/ssl_request_log \
> "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
>
></VirtualHost>
>
><VirtualHost 192.168.10.172:443>
>
>UseCanonicalName Off
>ServerName nbs.neuro-bs.com:443
>ServerAdmin webmaster@domain.com
>RewriteEngine On
>RewriteRule ^/(.*) https://192.168.10.172:8080/VirtualHostBase/http/nbs.domain.com:80/nbs.domain.com/VirtualHostRoot/$1 [L,P]
>ProxyVia On
>ErrorLog logs/zope_ssl_error_log
>TransferLog logs/zope_ssl_access_log
>
>SSLEngine on
>SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
>SSLCertificateFile /usr/share/ssl/nbs-zope.crt
>SSLCertificateKeyFile /usr/share/ssl/nbs.pem
>
><Files ~ "\.(cgi|shtml|phtml|php3?)$">
> SSLOptions +StdEnvVars
></Files>
><Directory "/var/local/apache/cgi-bin">
> SSLOptions +StdEnvVars
></Directory>
>
>SetEnvIf User-Agent ".*MSIE.*" \
> nokeepalive ssl-unclean-shutdown \
> downgrade-1.0 force-response-1.0
>
>CustomLog logs/ssl_request_log \
> "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
>
></VirtualHost>
>
></IfDefine>
>
>
>
--
==================================================================
Aseem Mohanty
Neurobehavioral Systems Inc, 828 San Pablo Ave, Albany, CA 94706
(R) 510 7696011 (M) 510 3014871 (O) 510 5279231
==================================================================
"I saw `cout' being shifted "Hello world" times to the left and
stopped right there!!" -- Steve Gonedes
==================================================================