Re: How to redirect http to https with Apache/SVN/SSL [SOLVED]

On Mon, May 11, 2009 at 12:18 PM, Daniel B. Thurman <dant@xxxxxxxxx> wrote:
Arthur Pemberton wrote:

On Mon, May 11, 2009 at 9:51 AM, Daniel B. Thurman <dant@xxxxxxxxx> wrote:


Patrick W. Barnes wrote:


On Sunday 10 May 2009 19:26:51 Daniel B. Thurman wrote:



DRAT!  TYPO!

Should be:

<VirtualHost host.domain.com:80>
 ServerName host.domain.com
 CustomLog /svn/Admin/logs/access.log combined
 ErrorLog  /svn/Admin/logs/error.log
 SSLProxyEngine on
 ProxyPass / https://host.domain.com/
 ProxyPassReverse / https://host.domain.com/
</VirtualHost>

<VirtualHost host.domain.com:443>
 [...]
</VirtualHost>

My mistake was the 2nd VirtualHost clause where 80 should be 443:

Now, that's better ;)



Keep in mind that having Apache proxy non-HTTPS queries will mean that
the
link from the client to the server will NOT be SSL-protected.  Traffic
from
the SVN client to your server will be in the clear.



Sigh,  I tested http://[...] and it appears that SSL certification is not
being requested, so it appears that you are correct.

I will keep trying.  If anyone has a (potential) solution, please let me
know?



Why don't you just turn of http? And/or redirect all http to https?


Then that would mean that my normal website for anonymous users
would be forced use https when it is not required?

As it is, I could just drop the <VirtualHost host.domain.com:80>
code block for subversion and who cares if subversion reports an error
for those attempting to use the http:[...]/svn/svnX string, as it would
not be allowed except for https.

Seems nicer to force http to https only for /svn requests but perhaps
there is no solution/support for it...  from what I can tell, others have
claimed to get this to work but I have not been able to duplicate it.

Put a redirect to https inside a <Location> tag then

--
Fedora 10
(www.pembo13.com)

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines

Relevant Pages

  • Re: iis 6 ssl redirect initial login encrypted?
    ... will be the vd and custom redirect file, ... listen on the HTTPS port. ... This way any requests that go to the HTTP virtual server will ...
    (microsoft.public.inetserver.iis.security)
  • Re: Individual XmlHttpRequest requests over HTTPS??
    ... I have a page that makes many XmlHttpRequest requests from a ... This works fine but I need some requests to be ... secure requests by making the whole page HTTPS?? ...
    (comp.lang.javascript)
  • Re: Dynamically loading JS into iFrames - preventing IE7 popups when leaving/entering secure con
    ... I have a webpage where Im creating AJAX type requests by loading ... dynamic pages containg JavaScript into hidden iFrames. ... https from the one page (which is an http page so https requests will ... alerts and be concerned with the security of my site. ...
    (comp.lang.javascript)
  • Re: Automating access to a HTTPS website
    ... It allows you to set the credentials as it requests the resources: ... Originally, as I am not familiar with HTTPS and SSL, i tried to capture ... And, as you probably have guessed, it didnt work, because, as I just ... thats not HTTP based and thus can't be captured by my HTTP sniffer. ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: cross-domain
    ... domain usually can't run your script on their server (who can't/won't afford ... I cannot view/spy/log the requests. ... Ajax Cross Domain can run over HTTPS or HTTP. ...
    (comp.lang.javascript)