[Zope] VHM and SSL protection problem

Sophia Grimm sophiagrimm at yahoo.com
Fri Nov 4 12:26:09 EST 2005


Hello Everyone.

I have an existing Cosign-protected site and now I
need a site that is only SSL encrypted. We have many
apps for which users should be authenticated against a
local MySQL database *instead* of Cosign, but we want
network traffic to be encrypted. I originally tried
setting this up all in one Zope server in different
folders, but I can't get SSL to work without Cosign
authentication on that Zope server. So I tried
installing a separate Zope, as shown below.

My current setup is:
Macintosh OS X Server 10.4.2, Apache 1.3.33,
mod_fastcgi 2.4.2, mod_ssl 2.8.22, OpenSSL 0.9.7g,
with Cosign. I have but one ethernet address for the
server.

Installation #1: Plone 2/Zope 2.7.1
This is our Cosign-protected, stable setup using
FastCGI to put Apache in front of Zope (which I know
is outdated but I cannot immediately change).

Installation #2: Plone 2.1/Zope 2.7.7
I'm trying to use VHM and an Apache rewrite rule to
protect this site with SSL. I'm using instructions
from http://plone.org/documentation/how-to/apache-ssl
. Step number 7 shows this rewrite rule:

RewriteRule ^/(.*)
http://localhost:8080/VirtualHostBase/https/www.yourmachinename.com:443/$1

So if my original Zope site was 
http://www.sg.com:8080/
the above rule should simply rewrite the URL to
https://www.sg.com:443/
which would force all requests for the http site to go
through SSL before being forwarded to Zope. Correct? 

However, when I create a VHM (without any special
mappings) and add the rewrite rule and restart, Apache
seems to completely ignore the rewrite. Modifying it
in various ways causes errors.

Any hints are much appreciated. Thanks! -- SG


	
		
__________________________________ 
Yahoo! Mail - PC Magazine Editors' Choice 2005 
http://mail.yahoo.com


More information about the Zope mailing list