|
Home > Archive > Apache Server configuration support > December 2007 > Configuring HTTPS
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
|
|
| Aaron Gray 2007-12-29, 2:03 am |
| Okay, got a SSL certificate now, found out I can only have one HTTPS named
virtual server which is a sh*t.
Now anyone tell me how to make Apache force/only use HTTPS for shtml file
serving and not allow HTTP to access .shtml files ?
Many tanks in advance,
Aaron
| |
| Davide Bianchi 2007-12-29, 7:38 am |
| On 2007-12-29, Aaron Gray <ang.usenet@gmail.com> wrote:
> Okay, got a SSL certificate now, found out I can only have one HTTPS named
> virtual server which is a sh*t.
Incorrect, you can have as many as you want, but all of them will use
the same certificate. That's inherent in the way HTTPS works.
> Now anyone tell me how to make Apache force/only use HTTPS for shtml file
> serving and not allow HTTP to access .shtml files ?
Use a <filematch > block to disallow access in the http vhost and/or
use a Rewrite rule or Redirect to redirect to https.
Something like
<FilesMatch ".*\.shtml$">
Order allow,deny
Deny from all
</FilesMatch>
RewriteCond %{REQUEST_URI} .*\.shtml$
RewriteRule ^/(.*)$ https://..../$1
Davide
--
If it's too good to be true, it's probably a rigged demo.
Any sufficiently advanced technology is indistinguishable from a rigged
demo.
| |
| Aaron Gray 2007-12-29, 7:24 pm |
| "Davide Bianchi" <davideyeahsure@onlyforfun.net> wrote in message
news:slrnfncfq5.37f.davideyeahsure@fogg.onlyforfun.net...
> On 2007-12-29, Aaron Gray <ang.usenet@gmail.com> wrote:
>
> Incorrect, you can have as many as you want, but all of them will use
> the same certificate. That's inherent in the way HTTPS works.
So the certificate provider should be ble to provide me with a SSL
certificate that will work for multiple domains ?
>
> Use a <filematch > block to disallow access in the http vhost and/or
> use a Rewrite rule or Redirect to redirect to https.
>
> Something like
>
> <FilesMatch ".*\.shtml$">
> Order allow,deny
> Deny from all
> </FilesMatch>
>
> RewriteCond %{REQUEST_URI} .*\.shtml$
> RewriteRule ^/(.*)$ https://..../$1
I will have to decypher this, its a bit cryptic.
Thanks,
Aaron
| |
| Davide Bianchi 2007-12-30, 7:41 am |
| On 2007-12-29, Aaron Gray <ang.usenet@gmail.com> wrote:
>
> So the certificate provider should be ble to provide me with a SSL
> certificate that will work for multiple domains ?
You can have a certificate for the domain (*.domain.com), but it will
cost you a fortune and the browsers will still complains that
"the certificate belongs to a different server" (or similar, don't
remember the real error message), if that doesn't bother you, it's ok.
It all depends on what you want, if you want encryption, it's fine.
Davide
--
550 - Message correctly destroyed and remaining disposed of in /dev/null
-- found in a log file
| |
| Aaron Gray 2007-12-30, 7:41 am |
| "Davide Bianchi" <davideyeahsure@onlyforfun.net> wrote in message
news:slrnfneivf.356.davideyeahsure@fogg.onlyforfun.net...
> On 2007-12-29, Aaron Gray <ang.usenet@gmail.com> wrote:
>
> You can have a certificate for the domain (*.domain.com), but it will
> cost you a fortune and the browsers will still complains that
> "the certificate belongs to a different server" (or similar, don't
> remember the real error message), if that doesn't bother you, it's ok.
> It all depends on what you want, if you want encryption, it's fine.
Thats called a wildcard certificate.
There are MDC (Multiple Domain Certificates). These are both availiable from
:-
http://www.positivessl.com
Aaron
|
|
|
|
|