[thelist] Apache SSL setup

Dave Merrill dmerrill at usa.net
Mon May 23 14:32:53 CDT 2005


> > >Make sense? How else do you require ssl for *all* connections?
> > >
> > >Dave Merrill
> > >
> > >
> > >
> > Also, check out:
> > http://httpd.apache.org/docs-2.0/ssl/ssl_howto.html
> >
> > particularly:
> >
> > http://httpd.apache.org/docs-2.0/mod/mod_ssl.html#sslrequire
>
> Thanks, I found that myself this morning, but the syntax isn't at
> all clear
> to me.
>
> Found SSLRequireSSL too, which is less specific, but perfect for my global
> use:
> http://httpd.apache.org/docs-2.0/mod/mod_ssl.html#sslrequiressl
>
> This seems like it should do exactly what I want, irrespective of port,
> hostname (localhost, my_machine_name, my_ip etc). I used it like this:
>
> ----------------
> <Location />
> SSLRequireSSL
> </Location>
> ----------------
>
> However, the result is that ssl is *not* required for localhost. It is
> required for 127.0.0.1, my machine name, my LAN ip, and my WAN ip, as I'd
> expect. Any idea why that is, or what other configs would affect
> this? It's
> not that important I suppose, I'm just trying to understand.
>
> Not to seem as ignorant as I am, but the Location/SSLRequireSSL block is
> inside a '<VirtualHost _default_:10010>' block that was already there in
> ssl.conf, and that contains most other ssl options. Does that
> have something to do with it?

More specifically, ssl isn't required for http://localhost:my_port/, only.
http://localhost:my_port/some_file.htm or /some_indexable_dir/ do require
it.

That makes this issue even less important practically speaking, but I'd
still like to understand it if anyone can clue me in.

Thanks,

Dave Merrill




More information about the thelist mailing list