[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] SSL and Virtual Hosts

Subject: Re: [cobalt-users] SSL and Virtual Hosts
From: "TC Concepts" <fred@xxxxxxxxxxxxxx>
Date: Sun May 21 20:13:38 2000

Hi Van -

Can't answer the first one, and Zeffie has suggested the proper "first
step" for the second, but this may be useful.  At the very least it
should help in getting the cgis to work AT ALL on your ssl server.

I just got cgi working in subdirectories on ssl.  I don't know if this
is the right way to do it, but I wanted to have subdirectories (for my
clients) where I could run cgis that were specific to each one (each
client, that is).  Eventually, I want to try and set it up whereby a
symbolic link on their regular site simply points to the corresponding
directory on the ssl server (that way, they SHOULD be able to upload
their own secure files and scripts).  In the meantime, I got the test
script to work in a subdirectory (/home/httpd/html/subdir/) by modifying
two lines in httpd-ssl.conf, which is the file that the symbolic link
httpsd.conf points to, and which can be found in etc/httpd/conf/.  Here
are the two sections I modified [my notes to you are in brackets]:

**************************************************

#
# This may also be "None", "All", or any combination of "Indexes",
# "Includes", "FollowSymLinks", "ExecCGI", or "MultiViews".
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
    Options Indexes FollowSymLinks Includes ExecCGI


[I added ExecCGI to the Options, which was the only one not there
before.  I'm also thinking about getting rid of Indexes, so web surfers
can't just look at the contents of a directory if it doesn't have an
index.htm, etc. file.  Incidentally, I performed the next step first,
and that wasn't enough.  Apparently it helped to actually enable cgi.
:-) ]


#
# AddHandler allows you to map certain file extensions to "handlers",
# actions unrelated to filetype. These can be either built into the
server
# or added with the Action command (see below)
#
# If you want to use server side includes, or CGI outside
# ScriptAliased directories, uncomment the following lines.
#
# To use CGI scripts:
#
AddHandler cgi-script .cgi

[You'll need to scroll quite a bit to get to this section.  Don't
confuse it with the actual ScriptAlias section.]

**************************************************
Anyway, this worked for me on our RAQ2.  Don't know if it's the right
way to do it or if this truly addresses your situation, but it's
something.  Don't forget to restart the ssl server with the command:

/etc/rc.d/init.d/httpsd restart

Sincerely,

Fred Watt
Owner, TC Concepts
mailto:fred@xxxxxxxxxxxxxx
http://tcconcepts.com


----- Original Message -----
From: G. Armour Van Horn <vanhorn@xxxxxxxxxxxxxxxxx>
To: <cobalt-users@xxxxxxxxxxxxxxx>; <cobalt-users@xxxxxxxxxxxxxxx>
Sent: Sunday, May 21, 2000 7:44 PM
Subject: [cobalt-users] SSL and Virtual Hosts


> I have been trying to setup a secure site for one client on my RaQ2.
>
> The root server is valkyrie.image-acquire.com (generally www).
> The client virtual server is www.wheelergalleries.com
>
> The certificate is for wheelergalleries.com from Thawte.
>
> I can generally access anything normally visible with http on that
virtual
> server with https, but the cgi-bin contents are not found. The root
domain
> (image-acquire.com) cannot be seen with https, it goes to the "old"
> document root, which is the default in the httpsd.conf file, and that
> allows me to see the mod_ssl docs so I don't want to "fix" that right
away.
>
> When I restart the httpsd server I get the "pass phrase" challenge
from
> another server, specifically www.larkinart.com. larkinart.com does not
> appear anwhere in the httpsd.conf file, in fact that virtual server
has
> never been used at all other than to park the domain. (My wife,
Larkin, is
> about to kill me because I don't have her site built, but she also
knows
> that the cobbler's children never have new shoes!)
>
> I only have one virtual site actually configured in httpsd.conf, and
that
> is wheelergalleries. As far as I know, I will never need any other
secure
> servers configured on this machine, although I don't want to destroy
the
> option unless I really have to.
>
> So, how do I get the server to issue the "permission phrase" challenge
for
> the right server, and how do I get the server to recognize the
/cgi-bin
> directory structure as well as it handles the rest of the
> wheelergalleries.com site?
>
> Van
> ----------------
> Digital Eyes: Scanners and Digital Cameras -- Directory, News, and
Reviews
> http://www.image-acquire.com
>
> _______________________________________________
> cobalt-users mailing list
> cobalt-users@xxxxxxxxxxxxxxx
> To Subscribe or Unsubscribe, please go to:
> http://list.cobalt.com/mailman/listinfo/cobalt-users
>

References:
- [cobalt-users] SSL and Virtual Hosts
  - From: G. Armour Van Horn

Prev by Date: [cobalt-users] Auto Responder
Next by Date: Re: [cobalt-users] Error Log Entries - Restarting
Previous by thread: Re: [cobalt-users] SSL and Virtual Hosts
Next by thread: [cobalt-users] ASP Files Again......

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index