[Zope] SSL config question

AM list_subscriber@neurobs.com
Thu, 23 Jan 2003 11:21:59 -0800


fiexed that :
im the rewrite rule

https://192.168.10.172:8080/VirtualHostBase/http/nbs.domain.com:443/nbs.domain.com/VirtualHostRoot/$1 
[L,P]

just replace the starting https

with http

am

AM wrote:

> addendum:
>
> I get an
>
> (20014)Error string not specified yet:
>
> in my error logs.
>
> any ideas.
>
> TIA
> AM
>
> AM wrote:
>
>> Hi,
>>
>> I am running Zope 2.6 on RH7.3 with Python 2.1.3 and Apache 2.x
>> In my setup I have a firewall running open bsd and the zope server 
>> running on another box running behind it. The firewall lets in HTTP 
>> and HTTPS based on ports to the internal machine based on a specific 
>> IP. I have managed to configure the zope server as a virtual host on 
>> the machine.
>>
>> When I tried to set it up for SSL I ran into problems. When I type in 
>> https://.... my browser just waits forever.
>> I have included my ssl.conf. The SSL for the apache works, but it 
>> doesnt work for th zope part.
>>
>> Any help would be appreciated.
>>
>> TIA
>> AM
>>
>>
>> ------------------------------------------------------------------------
>>
>> <IfDefine SSL>
>>
>> Listen 443
>>
>> AddType application/x-x509-ca-cert .crt
>> AddType application/x-pkcs7-crl    .crl
>>
>> SSLPassPhraseDialog  builtin
>> SSLSessionCache         dbm:logs/ssl_scache
>> SSLSessionCacheTimeout  300
>> SSLMutex  file:logs/ssl_mutex
>> SSLRandomSeed startup builtin
>> SSLRandomSeed connect builtin
>>
>> NameVirtualHost 192.168.10.172:443
>>
>> <VirtualHost 192.168.10.172:443>
>>
>> UseCanonicalName Off
>> DocumentRoot "/var/local/apache/htdocs"
>> ServerName www.domain.com:443
>> ServerAdmin webmaster@domain.com
>> ErrorLog logs/ssl_error_log
>> TransferLog logs/ssl_access_log
>>
>> SSLEngine on
>> SSLCipherSuite 
>> ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
>> SSLCertificateFile /usr/share/ssl/nbs.crt
>> SSLCertificateKeyFile /usr/share/ssl/nbs.pem
>>
>> <Files ~ "\.(cgi|shtml|phtml|php3?)$">
>>    SSLOptions +StdEnvVars
>> </Files>
>> <Directory "/var/local/apache/cgi-bin">
>>    SSLOptions +StdEnvVars
>> </Directory>
>>
>> SetEnvIf User-Agent ".*MSIE.*" \
>>         nokeepalive ssl-unclean-shutdown \
>>         downgrade-1.0 force-response-1.0
>>
>> CustomLog logs/ssl_request_log \
>>          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
>>
>> </VirtualHost>                                 
>> <VirtualHost 192.168.10.172:443>
>>
>> UseCanonicalName Off
>> ServerName nbs.neuro-bs.com:443
>> ServerAdmin webmaster@domain.com
>> RewriteEngine On
>> RewriteRule ^/(.*) 
>> https://192.168.10.172:8080/VirtualHostBase/http/nbs.domain.com:80/nbs.domain.com/VirtualHostRoot/$1 
>> [L,P]
>> ProxyVia On ErrorLog logs/zope_ssl_error_log
>> TransferLog logs/zope_ssl_access_log
>>
>> SSLEngine on
>> SSLCipherSuite 
>> ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
>> SSLCertificateFile /usr/share/ssl/nbs-zope.crt
>> SSLCertificateKeyFile /usr/share/ssl/nbs.pem
>>
>> <Files ~ "\.(cgi|shtml|phtml|php3?)$">
>>    SSLOptions +StdEnvVars
>> </Files>
>> <Directory "/var/local/apache/cgi-bin">
>>    SSLOptions +StdEnvVars
>> </Directory>
>>
>> SetEnvIf User-Agent ".*MSIE.*" \
>>         nokeepalive ssl-unclean-shutdown \
>>         downgrade-1.0 force-response-1.0
>>
>> CustomLog logs/ssl_request_log \
>>          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
>>
>> </VirtualHost>
>>
>> </IfDefine>
>>
>>  
>>
>

-- 
==================================================================
 Aseem Mohanty							   
 Neurobehavioral Systems Inc, 828 San Pablo Ave, Albany, CA 94706 
 (R) 510 7696011 (M) 510 3014871 (O) 510 5279231		  	
==================================================================								  	
 "I saw `cout' being shifted "Hello world" times to the left and  
  stopped right there!!"                        -- Steve Gonedes  
==================================================================