[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] Quick Question

Subject: Re: [cobalt-users] Quick Question
From: "Richard Green" <rgreen@xxxxxxxxxxxxx>
Date: Thu Mar 30 08:19:37 2000
Organization: Connective Communications
Chad,
I saved the SSL instructions I used which were posted to this list about
9-10 months ago. The raq2 requires a bit more setup then the raq3. Note that
the changes must be made to your httpsd.conf file

Rich

SSL CGI SETUP:
Make a cgi-bin below your secure html directory:
mkdir /home/httpd/html/cgi-bin

Make sure CGI is enabled by editing:
/etc/httpd/conf/httpsd.conf

Change/confirm the following settings:
Options Indexes FollowSymLinks Includes ExecCGI
ScriptAlias /cgi-bin/ /home/httpd/html/cgi-bin/

-----------------------

I've also worked out a way for any virtual domain to access our
secure server from within their virtual domain without having to
manually load their pages into the secure server directory.  They
simply keep their files in their own virtual domains and access
them thru the secure server via a symbolic link to their virtual
html and cgi directories.  I've also included the basic SSL
server's CGI setup in case you haven't performed these yet...

NOTES:
secure-domain = secure server domain
domain-name   = any virtual domain desiring secure access

Login as admin and become root:
su

VIRTUAL SECURE ACCESS SETUP:

For each domain, create a symbolic link for your html files:
cd /home/httpd/html
ln -s /home/sites/www.domain-name.com/web domain-name

Then create a symbolic link for your cgi files:
cd /home/httpd/html/cgi-bin
ln -s /home/sites/www.domain-name.com/web/cgi-bin domain-name

This will allow you to run html from within the virtual domain by
using the secure server's address.  The html and cgi actually
resides within the virtual domain and are accessed via the secure
server with:

https://www.secure-domain.com/domain-name/anypage.html

That's all there is to it, and it works like a charm.  To keep
the link secure, the virtual domain must call the html through
the secure server, but it all looks pretty seamless to the end
user and makes development and backup easy for the webmaster.  I
am using bnbform for our cgi processes with domain checking to
ensure the secure server isn't being abused by other sites.  You
must include the secure server's address in the "okaydomains"
table to make this work as follows:

@okaydomains=("http://www.domain-name.com";,
"https://www.secure-domain.com";);

This works great for me, I hope it helps you...

Paul

PS... Please note that the secure server does not support
CGIwrap!


----- Original Message -----
From: "Casselman, Chad" <chad.casselman@xxxxxxxxxx>
To: <cobalt-users@xxxxxxxxxxxxxxx>
Sent: Thursday, March 30, 2000 10:01 AM
Subject: RE: [cobalt-users] Quick Question


> So sorry.
>
> It is a RAQ2.
>
> thanks,
> chad
>
> -----Original Message-----
> From: Richard Green [mailto:rgreen@xxxxxxxxxxxxx]
> Sent: Thursday, March 30, 2000 9:58 AM
> To: cobalt-users@xxxxxxxxxxxxxxx
> Subject: Re: [cobalt-users] Quick Question
>
>
> Chad,
> Is it a raq2 or raq3-
> They are completely different as far as ssl goes. I don't want to spend a
> lot of time anwsering for one server that doesn't do you any good.
>
> Rich
>
>
> ----- Original Message -----
> From: "Casselman, Chad" <chad.casselman@xxxxxxxxxx>
> To: <cobalt-users@xxxxxxxxxxxxxxx>
> Sent: Thursday, March 30, 2000 9:07 AM
> Subject: RE: [cobalt-users] Quick Question
>
>
> > Ok, I haven't thought of all the options.  Here is the thing.  I have a
> ssl
> > certificate on http://www.domain1.com and a while back I found in the
> > archives a way to make that certificate work for all sites on the server
> by
> > mapping https://www.domain1.com/domain2secure to a directory
> > http://www.domain2.com/securearea  and this way you access the secure
area
> > for domain2 by https://www.domain1.com/domain2secure and it would bring
> the
> > stuff from the directory.
> >
> > Please tell me the best way to get this to work.  I have everything in
> place
> > but not the httpd.conf file has be reset as expected.
> >
> > Thanks for you time,
> > chad
> >
> > -----Original Message-----
> > From: Richard Green [mailto:rgreen@xxxxxxxxxxxxx]
> > Sent: Thursday, March 30, 2000 9:24 AM
> > To: cobalt-users@xxxxxxxxxxxxxxx
> > Subject: Re: [cobalt-users] Quick Question
> >
> >
> > Chad,
> > I have found with a raq that the best thing to do is stay out of the
conf
> > files if possible. Some things can be added/changed without problem. For
> > example, changing DocumentRoot can have serious consequences. When you
> make
> > a change, it works as expected. But when you go back to the GUI to
modify
> > something on the site, you could be in a world of hurt. I learned this
> > through personal experience.
> >
> > The safest way would be to directly link to domain2 within domain1's
html
> > code. Since this is to easy, I'll assume you already thought of this and
> > discarded the idea.
> >
> > The second safe way would be to use a symbolic link which links
directory1
> > to directory2. This would require a modification to the conf file or a
> > .htaccess file. You would need to modify/add code such as:
> >
> > <Directory /home/sites/domain1/web/directory>
> > Options Indexes FollowSymLinks Includes ExecCGI
> > Order allow,deny
> > Allow from all
> > </Directory>
> >
> >
> > Hope this helps,
> > Rich
> >
> > ----- Original Message -----
> > From: "Casselman, Chad" <chad.casselman@xxxxxxxxxx>
> > To: <cobalt-users@xxxxxxxxxxxxxxx>
> > Sent: Thursday, March 30, 2000 8:25 AM
> > Subject: [cobalt-users] Quick Question
> >
> >
> > > I know that is stupid but I need the answer anyway.
> > >
> > > I have a directory on
> > > http://www.domain1.com/test on one site and I want it to point to
> > > http://www.domain2.com/text2.  How do I do that?  I know it is
something
> > to
> > > do with the httpd.conf but I have seems to erase it and can't get it
> back.
> > > I had it done, but now it is gone.  I don't want it to redirect just
> pull
> > up
> > > the content from the other site.
> > >
> > > Thanks,
> > > chad
> > >
> > > _______________________________________________
> > > cobalt-users mailing list
> > > cobalt-users@xxxxxxxxxxxxxxx
> > > To Subscribe or Unsubscribe, please go to:
> > > http://list.cobalt.com/mailman/listinfo/cobalt-users
> > >
> >
> >
> > _______________________________________________
> > cobalt-users mailing list
> > cobalt-users@xxxxxxxxxxxxxxx
> > To Subscribe or Unsubscribe, please go to:
> > http://list.cobalt.com/mailman/listinfo/cobalt-users
> >
> > _______________________________________________
> > cobalt-users mailing list
> > cobalt-users@xxxxxxxxxxxxxxx
> > To Subscribe or Unsubscribe, please go to:
> > http://list.cobalt.com/mailman/listinfo/cobalt-users
> >
>
>
> _______________________________________________
> cobalt-users mailing list
> cobalt-users@xxxxxxxxxxxxxxx
> To Subscribe or Unsubscribe, please go to:
> http://list.cobalt.com/mailman/listinfo/cobalt-users
>
> _______________________________________________
> cobalt-users mailing list
> cobalt-users@xxxxxxxxxxxxxxx
> To Subscribe or Unsubscribe, please go to:
> http://list.cobalt.com/mailman/listinfo/cobalt-users
>
References:
- RE: [cobalt-users] Quick Question
  - From: Casselman, Chad
Prev by Date: Re: [cobalt-users] Samba 2.0.6 compiling error
Next by Date: [cobalt-users] Warning: site admin lists are out of sync. Fixing...
Previous by thread: RE: [cobalt-users] Quick Question
Next by thread: [cobalt-users] Replacing existing Mail Server with RAQ3
Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index