[Zope] SSL config question
AM
list_subscriber@neurobs.com
Thu, 23 Jan 2003 11:21:59 -0800
fiexed that :
im the rewrite rule
https://192.168.10.172:8080/VirtualHostBase/http/nbs.domain.com:443/nbs.domain.com/VirtualHostRoot/$1
[L,P]
just replace the starting https
with http
am
AM wrote:
> addendum:
>
> I get an
>
> (20014)Error string not specified yet:
>
> in my error logs.
>
> any ideas.
>
> TIA
> AM
>
> AM wrote:
>
>> Hi,
>>
>> I am running Zope 2.6 on RH7.3 with Python 2.1.3 and Apache 2.x
>> In my setup I have a firewall running open bsd and the zope server
>> running on another box running behind it. The firewall lets in HTTP
>> and HTTPS based on ports to the internal machine based on a specific
>> IP. I have managed to configure the zope server as a virtual host on
>> the machine.
>>
>> When I tried to set it up for SSL I ran into problems. When I type in
>> https://.... my browser just waits forever.
>> I have included my ssl.conf. The SSL for the apache works, but it
>> doesnt work for th zope part.
>>
>> Any help would be appreciated.
>>
>> TIA
>> AM
>>
>>
>> ------------------------------------------------------------------------
>>
>> <IfDefine SSL>
>>
>> Listen 443
>>
>> AddType application/x-x509-ca-cert .crt
>> AddType application/x-pkcs7-crl .crl
>>
>> SSLPassPhraseDialog builtin
>> SSLSessionCache dbm:logs/ssl_scache
>> SSLSessionCacheTimeout 300
>> SSLMutex file:logs/ssl_mutex
>> SSLRandomSeed startup builtin
>> SSLRandomSeed connect builtin
>>
>> NameVirtualHost 192.168.10.172:443
>>
>> <VirtualHost 192.168.10.172:443>
>>
>> UseCanonicalName Off
>> DocumentRoot "/var/local/apache/htdocs"
>> ServerName www.domain.com:443
>> ServerAdmin webmaster@domain.com
>> ErrorLog logs/ssl_error_log
>> TransferLog logs/ssl_access_log
>>
>> SSLEngine on
>> SSLCipherSuite
>> ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
>> SSLCertificateFile /usr/share/ssl/nbs.crt
>> SSLCertificateKeyFile /usr/share/ssl/nbs.pem
>>
>> <Files ~ "\.(cgi|shtml|phtml|php3?)$">
>> SSLOptions +StdEnvVars
>> </Files>
>> <Directory "/var/local/apache/cgi-bin">
>> SSLOptions +StdEnvVars
>> </Directory>
>>
>> SetEnvIf User-Agent ".*MSIE.*" \
>> nokeepalive ssl-unclean-shutdown \
>> downgrade-1.0 force-response-1.0
>>
>> CustomLog logs/ssl_request_log \
>> "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
>>
>> </VirtualHost>
>> <VirtualHost 192.168.10.172:443>
>>
>> UseCanonicalName Off
>> ServerName nbs.neuro-bs.com:443
>> ServerAdmin webmaster@domain.com
>> RewriteEngine On
>> RewriteRule ^/(.*)
>> https://192.168.10.172:8080/VirtualHostBase/http/nbs.domain.com:80/nbs.domain.com/VirtualHostRoot/$1
>> [L,P]
>> ProxyVia On ErrorLog logs/zope_ssl_error_log
>> TransferLog logs/zope_ssl_access_log
>>
>> SSLEngine on
>> SSLCipherSuite
>> ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
>> SSLCertificateFile /usr/share/ssl/nbs-zope.crt
>> SSLCertificateKeyFile /usr/share/ssl/nbs.pem
>>
>> <Files ~ "\.(cgi|shtml|phtml|php3?)$">
>> SSLOptions +StdEnvVars
>> </Files>
>> <Directory "/var/local/apache/cgi-bin">
>> SSLOptions +StdEnvVars
>> </Directory>
>>
>> SetEnvIf User-Agent ".*MSIE.*" \
>> nokeepalive ssl-unclean-shutdown \
>> downgrade-1.0 force-response-1.0
>>
>> CustomLog logs/ssl_request_log \
>> "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
>>
>> </VirtualHost>
>>
>> </IfDefine>
>>
>>
>>
>
--
==================================================================
Aseem Mohanty
Neurobehavioral Systems Inc, 828 San Pablo Ave, Albany, CA 94706
(R) 510 7696011 (M) 510 3014871 (O) 510 5279231
==================================================================
"I saw `cout' being shifted "Hello world" times to the left and
stopped right there!!" -- Steve Gonedes
==================================================================