[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-users] Secure CGI on a RaQ4

Subject: RE: [cobalt-users] Secure CGI on a RaQ4
From: "WebSite Creations" <main@xxxxxxxxxxxxxxxxxxxx>
Date: Sun Oct 8 20:00:01 2000
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

TEMPORARY?? FIX FOR SECURE CGI PROBLEM

I recently added shared SSL on a RaQ4 server.

Now, any site on the server can use SSL like so...
https://www.main-secure-domain.com/secure/www.anydomain.com/nameoffile.html

I ran into a problem with attempting to process secure cgi scripts...
https://www.server600.net/secure/www.avidinternet.com/formmail.pl

I kept getting an Internal Server Error.  I understand that I must use some
type of ScriptAlias to make this work.  However, numerous visits to the
Cobalt.com site, the archives, and Redhat Linux config manuals
(http://www.redhat.com/support/manuals/RHL-7-Manual/ref-guide/ch-configurati
on.html) have resulted in nothing but late nights and some new circles under
my eyes.

However, I needed a solution for secure CGI right away, and I have come up
with the following temporary fix.  Please let me know your thoughts.

MY TEMPORARY SOLUTION FOR SHARED SECURE CGI CALLS
I decided to give each user who needs to process secure cgi, a USER account
under the MAIN secure site (the one I purchased and installed the Thawte
Certificate on).

Thus, they can upload any secure cgi scripts to this directory, without
having to wait on our support department to do it for them.

Example:

The main secure site is

https://www.server600.net

The user site who will need secure cgi access is

http://www.avidinternet.com

Their normal secure URL, using our shared cert is

https://www.server600.net/secure/www.avidinternet.com/
(you can also use the site number in place of 'www.avidinternet.com')
https://www.server600.net/secure/site2/

That much solves the everyday shared SSL problem.  Now, to the secure CGI
temporary solution.

I added a user account from the siteadmin of server600.net (server600.net is
the main site with SSL installed).  I called this new user 'avidinternet' so
that the secure call has their name in it still.  Thus, their secure files
can be accessed at the following URL;

https://www.server600.net/~avidinternet/formmail.pl

This seems to work fine, though, I must admit, this is a temporary fix.  I
am still looking for 'ScriptAlias' instructions to make this less of a
hassle. But, it works in the mean-time.


Oh, don't forget to give the user the FTP instructions

Hostname:  main-securesite.com
Username:  username-added-for-them
Password:  password-added-for-them
Remote:  /web

* Note, when I add a user for this purpose, I do not give them site admin
priveleges for the user name.  I leave that box 'unchecked'.

They can add files to their heart's content without bothering our support to
do it for them.  It makes them feel that they have autonomy over their
secure files and that is good.

Again, any thoughts on this are welcome.

Bill Micke

References:
- RE: [cobalt-users] Secure CGI on a RaQ4
  - From: WebSite Creations

Prev by Date: Re: [cobalt-users] RaQ 3 - Can not add sites after Restore - Help!
Next by Date: RE: [cobalt-users] [RaQ3i] hosts.deny
Previous by thread: RE: [cobalt-users] Secure CGI on a RaQ4
Next by thread: Re: [cobalt-users] Secure CGI on a RaQ4

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index