www.webdeveloper.com
Page 2 of 2 FirstFirst 12
Results 16 to 21 of 21

Thread: [RESOLVED] Apache2.2, SSL, I'm stuck 8(

  1. #16
    Join Date
    Mar 2004
    Posts
    3,081
    Could it be that your DocumentRoot directive in your httpd-ssl.conf file points to somewhere that you haven't granted access to? I would have thought that c:/Apache/htdocs/ssldocs would be available anyway with it being under your htdocs directory, but it's worth a try. Have you changed your DocumentRoot directive to point to c:/Apache/htdocs/ssldocs? Try adding
    Code:
    <Directory "C:/Apache/htdocs/ssldocs">
    	SSLOptions +StdEnvVars
    </Directory>
    somewhere inside your <VirtualHost _default_:443></VirtualHost> element.

    Did you confirm that the default general SSL config worked before tweaking it to restrict SSL to this directory?
    I'm thuper, thanks for asking.

    It lives! http://www.stephenphilbin.com/ (Well it kinda' does anyway).
    My portable colour selection tool

  2. #17
    Join Date
    Mar 2004
    Posts
    3,081
    Oh and I know that the Windows file-system is not case-sensitive, but I'm not sure about whether or not letter casing matters when specifying files/directories to Apache. Could it be something as simple as the c:/ needing to be changed to C:/? I have absolutely no experience with Apache on Windows, so I don't know if things like that will matter or not.
    I'm thuper, thanks for asking.

    It lives! http://www.stephenphilbin.com/ (Well it kinda' does anyway).
    My portable colour selection tool

  3. #18
    Join Date
    Aug 2008
    Posts
    96
    Well the SSL protocol it self works. As long as I keep the "SSLdocs" directory inside my htdocs directory. The problem with it being inside the htdocs directory. Is that a user could type into the browser "http://mysite.com/SSLdocs" and now they've reached a secure section that isn't secure. You see what I'm saying?

    I want my UN-encrypted directory and my Encrypted directory to be completey seperated. So that theres no way you can jump from one to the other.

    So basically if I type in my browser "http://mysite.com/" apache will serve files from "htdocs".

    But, If I type in "https://mysite.com/" apache will serve from "SSLdocs".

    Which in a sense it does now with "SSLdocs" INSIDE "htdocs".

    The issue is that I can still type in "HTTP://mysite.com/SSLdocs" and apache serves the files unencrypted.

    Surely there must be a simple way to tell apache that I have two seperate directorys.

    "c:/apache/htdocs" < Standard Protocol (*:80)

    and

    "c:/apache/SSLdocs" < SSL Protocol (*:443)

    On windows the directories are not case-sensitive.

    The reason I can't get this to work is because if SSLdocs directory is NOT inside htdocs directory apache acts like the SSLdocs directory is not allowed.

    So there is something that tells apache not to let users in any other directory then htdocs. I need to change that something to allow another directory "SSLdocs".

  4. #19
    Join Date
    Mar 2004
    Posts
    3,081
    Oh. I think I get it now. So your SSL docs directory is next to your htdocs. Well that explains why you're getting the 403, then. I can't believe it didn't click sooner. I'm pretty sure you can probably do it simply by keeping the DocumentRoot directive in ssl.conf pointing to your SSL docs directory, and keeping the SSL docs directory as a sibling of the htdocs directory (rather than a child), and then allowing access to the directory via some instructions placed in the httpd.conf file.

    I'll have a fiddle with the directory structure and config on one of my hosts and see if I can do it this way. I'll post back soon with hopefully simple instructions.
    I'm thuper, thanks for asking.

    It lives! http://www.stephenphilbin.com/ (Well it kinda' does anyway).
    My portable colour selection tool

  5. #20
    Join Date
    Mar 2004
    Posts
    3,081
    Tadaa!

    Add
    Code:
    <Directory "/usr/local/apache2/seacritz">
    	Options Indexes
    	AllowOverride None
    	Order allow,deny
    	Allow from all
    	SSLRequireSSL
    </Directory>
    to your httpd.conf file

    and have
    Code:
    DocumentRoot "/usr/local/apache2/seacritz"
    in your httpd-ssl.conf file and you should be ready to rock 'n' roll. Just make sure to replace "seacritz" with the name of your SSL directory, and remember that Apache will require a restart for the changes to take effect.

    Sorry it took so long to sort it.
    I'm thuper, thanks for asking.

    It lives! http://www.stephenphilbin.com/ (Well it kinda' does anyway).
    My portable colour selection tool

  6. #21
    Join Date
    Aug 2008
    Posts
    96
    Stephen you are the mo frikin MAN!!

    That works perfectly!


    Thank you very much!!!

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles