[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-users] Re: Raq2 Virtual SSL pages?

Subject: [cobalt-users] Re: Raq2 Virtual SSL pages?
From: "Michael Schulz" <michael@xxxxxxxxxxxxxxx>
Date: Mon Mar 12 12:49:29 2001
Organization: Web Feat, Inc.
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

Clayton,

I tried setting up a virtual SSL server similar to what you have on my Raq3 and had the same problems.  I found an
alternative method that I think works much more efficiently...  Figured it out myself so I can't point you to any other
instructions.

Basically the way I did this was to create a mirror of all the sites and then simply call it securely.  If you know what I
mean then there's no need to read below.  Otherwise...

Create a sub-domain off of a virtual site that you have.  (secure.yourdomain.com).  You can use a domain name of course, but
then the domain will be used solely for mirroring SSL.

Edit the httpd.conf file.  (Not sure where this is on a Raq2 or if it's setup the same.)

What you need to do is remove all Alias commands and add the following:

AliasMatch ^/([^/]+)(/(.*))? /home/sites/$1/web/$3

(Assuming that directory structure of a Raq2 is /home/sites/site#/web to access web files.)

When it's setup this way CGI works fine...  And it mirrors all of the customers files as well.  So customers who don't want
to purchase their own certificate have another alternative.  Illegal use of a certificate?  It's been discussed in this list
before, I know that... you can make your own moral decisions on it.  ; )

Called through https://secure.yourdomain.com/www.theirdomain.com/etc...
(Works when not called securely as well.  Good for viewing files on SharedIP accounts before a domain has been transfered!)

Good luck!

Michael







> Message: 10
> Date: Sat, 03 Mar 2001 14:42:25 -0700
> From: "Clayton McGow" <mrwilder@xxxxxxxxxxx>
> To: "cobalt-users@xxxxxxxxxxxxxxx" <cobalt-users@xxxxxxxxxxxxxxx>
> Subject: [cobalt-users] Raq2 Virtual SSL pages?
> Reply-To: cobalt-users@xxxxxxxxxxxxxxx
>
> Hello all,
>
> I have set up OpenSSL on my raq2, generated my own cert,
> etc... it all works great. Here's my question:
>
> I set DocumentRoot to /home/sites/ssl with Script Alias
> /cgi-bin/ "/home/sites/ssl/cgi-bin/"
>
> I made a symbolic link to some of my virtual sites, so they
> can drop things in an ssl environment. For example,
>
> mkdir /home/sites/ssl/www.virtualdomain.com
> cd /home/sites/ssl
> chown somesiteadmin www.virtualdomain.com
> ln -s -d /home/sites/ssl/www.virtualdomain.com
> /home/sites/www.virtualdomain.com/web/ssl
> cd /home/sites/www.virtualdomain.com/web
> chown somesiteadmin
> /home/sites/www.virtualdomain.com/web/ssl
>
> Now, THAT works fine (the customer can drop an index.html
> file in their ssl folder, and it shows up on the web as
> secure)... BUT when I try this:
>
> mkdir /home/sites/ssl/cgi-bin/virtualdomain.com
> cd /home/sites/ssl/cgi-bin
> chown somesiteadmin virtualdomain.com
> ln -s -d /home/sites/ssl/cgi-bin/virtualdomain.com
> /home/sites/www.virtualdomain.com/web/ssl/cgi-bin
> cd /home/sites/www.virtualdomain.com/web/ssl
> chown somesiteadmin
> /home/sites/www.virtualdomain.com/web/ssl/cgi-bin
>
> The CGIs don't work.
>
> The customers cgi's ARE parsed from the "real" script alias
> folder (/home/sites/ssl/cgi-bin/virtualdomain) but NOT from
> the symbolic link in their folder (the one at
> /home/sites/www.virtualdomain.com/web/ssl/cgi-bin)
>
> In other words, if I go to
> https://ssl.atoznet.com/cgi-bin/virtualdomainname/test.cgi ,
> it works... but if I go to
> https://www.virtualdomainname.com/ssl/cgi-bin/test.cgi   it
> doesn't.
>
> I have expiremented a lot and when the symbolic link is in
> the URL, I always either get "you do not have permission to
> access this file" OR I get the file, but it's not parsed,
> ie., I just see the text in the cgi source.
>
> I've tried chmod 777 every file/dir in the path, both real
> and symbolic. and adding a "scriptalias" line for the
> SYMBOLIC folders in httpd.conf. I've tried changing the
> value for followsymlinks. Nothing works.
>
> Also, I have one other problem. My FTP client (WS-FTP Pro)
> can NOT open any of the symbolic links I have created. It
> treats them as files to download, rather than directories.
> The symbolic link folders work fine in telnet, however.
>
> Any body have  an idea of how I should go about this (other
> than actually getting everyone a certificate and their own
> IP address)?
>
>
> --
> Clayton McGow
> mrwilder@xxxxxxxxxxx
>
>
> --__--__--

Prev by Date: Re: [cobalt-users] case sensitive html - customer confusion
Next by Date: Re: [cobalt-users] [RaQ3]Error running postrotate script
Previous by thread: Re: [cobalt-users] [RaQ3]Error running postrotate script
Next by thread: [cobalt-users] Frontpage does not accept my login

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index