[Setup] Re: Re: Can't get Plone+Apache SSL to work

Martin Malek martin.malek at telia.com
Sat Aug 5 22:23:31 UTC 2006


Thanks for your response. I have narrowed it down a bit and thanks to Joe 
Marshall I turned on the rewrite log (duh). I notice that SSL works fine by 
its own when I don't use rewrite rules but when I use rewrite rule:$1

I get:

You don't have permission to access / on this server.

Plone works just fine on , zope on and ssl on

It's when I turn on the rewrite rules it gets messy.

My rewrite log for the forbidden access is as follows: - - [06/Aug/2006:00:21:25 +0200] 
[][rid#77c240/initial] (2) init rewrite engine with 
requested uri / - - [06/Aug/2006:00:21:25 +0200] 
[][rid#77c240/initial] (3) applying pattern '^/(.*)' 
to uri '/' - - [06/Aug/2006:00:21:25 +0200] 
[][rid#77c240/initial] (2) rewrite '/' -> 
'' - - [06/Aug/2006:00:21:25 +0200] 
[][rid#77c240/initial] (2) forcing proxy-throughput 
with - - [06/Aug/2006:00:21:25 +0200] 
[][rid#77c240/initial] (1) go-ahead with proxy 

I will strip down my htttpd.conf file to a bare minimum and see if I can get 
it to work. Thanks for your help guys. If you have any other ideas feel free 
to post them.

/ Martin Malek

"KE Liew" <ke.liew at gmail.com> skrev i 
news:f0e429340608051406h23ef76a3p915d994ed834df8b at mail.gmail.com...
> On 8/5/06, Martin Malek 
> <martin.malek at telia.com> wrote:
>> Yes that was deliberate. I was just trying something out. You are 
>> completely
>> right. It should be 81 not 82.
>> Sorry for posting invalid info. But it doesn't respond to 81 either.
> Double check whether you are able to access to zope directly.
>> Must I have apache listening to the port I want to rewrite?
> If you mean port 443, yes. but if you mean the port for zope, no. You
> don't need to open up zope's port on your firewall either, unless you
> want to access it directly at some point.
>> Should the RewriteRule be inside or outside the Virtualhost?
> Should be inside.
>> I am using SSLRequireSSL in all my <Directory > listings. Could that be 
>> an
>> issue?
> What I would suggest is to strip it to the bare minimum to make sure
> that SSL works as it is without any other options.
> <VirtualHost *:443>
> SSLEngine On
> SSLCertificateFile conf/ssl/my-server.cert
> SSLCertificateKeyFile conf/ssl/my-server.key
> RewriteEngine On
> RewriteRule ^/(.*)
> [P]
> </VirtualHost>
> Try that for a size. And start debugging what went wrong from here on.
> Turn on RewriteRule Log as well, and see what's up.
> (For apache2.1:
> http://httpd.apache.org/docs/2.1/pt-br/mod/mod_rewrite.html#rewritelog)

More information about the Setup mailing list