Question: How to make a SSL connection to a pass protecteddirectory?

Question: How to make a SSL connection to a pass protecteddirectory?

am 21.12.2007 18:47:16 von timothy

System Info: Fedora core 6, apache 2.2.6, mod_ssl

Good day group,
I'm trying to set up a password protected directory with a ssl connection.
The goal would be to have ssl encrypt the connection to the user/pass
challenge and the connection after authentication. Here's a snip of my
..conf


SSLRequireSSL
AuthUserFile /XXXXXXX/XXXX/XXXXX/.passwd
AuthName "FOAD"
AuthType Basic
require valid-user


The directory is protected when SSLRequireSSL is removed. With SSL, I
connect to https://host.com/protect and the pass requirement is lost. Is
there a way around this?

Thank you for your time.

--
Posted via a free Usenet account from http://www.teranews.com

Re: Question: How to make a SSL connection to a pass protecteddirectory?

am 21.12.2007 19:41:21 von timothy

On Fri, 21 Dec 2007 20:08:21 +0100, Davide Bianchi wrote:

> On 2007-12-21, Timothy wrote:
>>
>> SSLRequireSSL
>> AuthUserFile /XXXXXXX/XXXX/XXXXX/.passwd
>> AuthName "FOAD"
>> AuthType Basic
>> require valid-user
>>
>
> Is this in the ssl-related virtual host or not? Usually, when you
> activate ssl, you have two virtual hosts, one for the ssl-part and
> one for the non-ssl part. Check your configuration file.
>
> Davide
>

Thank you for your reply Davide,
I'm assuming your asking if I have a ?
I do not. I did think that it was needed due to ssl working 'out of the
box'. I will create a ssl vhost and see what breaks. Thanks for pointing
me in the right direction.....
Timothy

--
Posted via a free Usenet account from http://www.teranews.com

Re: Question: How to make a SSL connection to a pass protecteddirectory?

am 21.12.2007 19:57:49 von timothy

On Fri, 21 Dec 2007 18:41:21 +0000, Timothy wrote:

> Thank you for your reply Davide,
> I'm assuming your asking if I have a ?
> I do not. I did think that it was needed due to ssl working 'out of the
> box'. I will create a ssl vhost and see what breaks. Thanks for pointing
> me in the right direction.....
> Timothy
>

WT... my time stamp is an hour off? My system time is correct... is
Teranews living in the past...?

--
Posted via a free Usenet account from http://www.teranews.com

Re: Question: How to make a SSL connection to a pass protected directory?

am 21.12.2007 20:08:21 von unknown

Post removed (X-No-Archive: yes)

Re: Question: How to make a SSL connection to a pass protected directory?

am 21.12.2007 20:43:11 von unknown

Post removed (X-No-Archive: yes)

Re: Question: How to make a SSL connection to a pass protecteddirectory?

am 22.12.2007 00:24:01 von timothy

On Fri, 21 Dec 2007 20:43:11 +0100, Davide Bianchi wrote:

> On 2007-12-21, Timothy wrote:
>> I'm assuming your asking if I have a ?
>> I do not.
>
> That's surprising, usually, the out-of-the-box configuration file
> has all the required bits for ssl support, including the NameVirtualHost
> directive and the block for SSL.
>
> Davide
>

The default apache config is a bit different due to this apache 2.2.6 is
on a VPS. The VPS installs a OS template and a lamp set-up pre-configured
(somewhat).

At this point I can access the /protect directory via ssl. I can configure
a user/pass challenge for /protect directory _OR_ access said directory
with a ssl connection. I cannot do both. The goal would be to have a ssl
connection _before_ the user/pass challenge, ensuring that the user/pass
is encrypted. The connection would look like:
http://host.com/protect
ssl connection created
authentication requested/provided
Entrance to the /protect directory granted.

Solutions that have been tried:
1

SSLRequireSSL
AuthUserFile /XXXXXXX/XXXX/XXXXX/.passwd
AuthName "FOAD"
AuthType Basic
require valid-user


This solution ignores user/pass. Sends user to the /protect directory with
a ssl connection.

2
Redirect /protect https://www.host.com/protect

DocumentRoot "/var/www/html"
ServerName host.com


AuthUserFile /XXX/XXXXX/XXXX/.passwd
AuthName "FOAD"
AuthType Basic
Require valid-user
Satisfy All


ServerAlias *.host.com


I thought that this would work. Maybe I need to create a new sub-domain,
something like https://www.secure.host.com/protect. The redirect from
/protect to a new sub-domain may make more sense...
Tim

--
Posted via a free Usenet account from http://www.teranews.com

Re: SOLVED Question: How to make a SSL connection to a passprotected directory?

am 22.12.2007 01:16:03 von timothy

On Fri, 21 Dec 2007 23:24:01 +0000, Timothy wrote:
I figured it out. I needed a sub-domain. Here's the recipe I used:


DocumentRoot "/var/www/html"
ServerName host.com
ServerAlias *.host.com
ErrorDocument 404 /404.html

Redirect /protect https://www.secure.host.com



DocumentRoot "/var/www/html/protect"
ServerName secure.host.com
ServerAlias *.secure.host.com


AuthUserFile /XXXX/XXXX/XXXX/.passwd
AuthName "FOAD"
AuthType Basic
Require valid-user
Satisfy All




Don't know if this the best solution, but it's working for me atm.
Timothy

--
Posted via a free Usenet account from http://www.teranews.com

Re: SOLVED Question: How to make a SSL connection to a passprotected directory?

am 22.12.2007 01:16:11 von timothy

On Fri, 21 Dec 2007 23:24:01 +0000, Timothy wrote:
I figured it out. I needed a sub-domain. Here's the recipe I used:


DocumentRoot "/var/www/html"
ServerName host.com
ServerAlias *.host.com
ErrorDocument 404 /404.html

Redirect /protect https://www.secure.host.com



DocumentRoot "/var/www/html/protect"
ServerName secure.host.com
ServerAlias *.secure.host.com


AuthUserFile /XXXX/XXXX/XXXX/.passwd
AuthName "FOAD"
AuthType Basic
Require valid-user
Satisfy All




Don't know if this the best solution, but it's working for me atm.
Timothy

--
Posted via a free Usenet account from http://www.teranews.com