[Setup] Re: Re: Can't get Plone+Apache SSL to work

Martin Malek martin.malek at telia.com
Sat Aug 5 22:23:31 UTC 2006


Hi

Thanks for your response. I have narrowed it down a bit and thanks to Joe 
Marshall I turned on the rewrite log (duh). I notice that SSL works fine by 
its own when I don't use rewrite rules but when I use rewrite rule: 
http://81.26.252.160:81/VirtualHostBase/https/81.26.252.160:443/VirtualHostRoot/$1

I get:

Forbidden
You don't have permission to access / on this server.

Plone works just fine on http://81.26.252.160:81/ , zope on 
http://81.26.252.160:8081/ and ssl on http://81.26.252.160:443/

It's when I turn on the rewrite rules it gets messy.

My rewrite log for the forbidden access is as follows:

81.26.252.160 - - [06/Aug/2006:00:21:25 +0200] 
[81.26.252.160/sid#71cb78][rid#77c240/initial] (2) init rewrite engine with 
requested uri /
81.26.252.160 - - [06/Aug/2006:00:21:25 +0200] 
[81.26.252.160/sid#71cb78][rid#77c240/initial] (3) applying pattern '^/(.*)' 
to uri '/'
81.26.252.160 - - [06/Aug/2006:00:21:25 +0200] 
[81.26.252.160/sid#71cb78][rid#77c240/initial] (2) rewrite '/' -> 
'http://81.26.252.160:81/VirtualHostBase/https/81.26.252.160:443/VirtualHostRoot/'
81.26.252.160 - - [06/Aug/2006:00:21:25 +0200] 
[81.26.252.160/sid#71cb78][rid#77c240/initial] (2) forcing proxy-throughput 
with 
http://81.26.252.160:81/VirtualHostBase/https/81.26.252.160:443/VirtualHostRoot/
81.26.252.160 - - [06/Aug/2006:00:21:25 +0200] 
[81.26.252.160/sid#71cb78][rid#77c240/initial] (1) go-ahead with proxy 
request 
proxy:http://81.26.252.160:81/VirtualHostBase/https/81.26.252.160:443/VirtualHostRoot/ 
[OK]

I will strip down my htttpd.conf file to a bare minimum and see if I can get 
it to work. Thanks for your help guys. If you have any other ideas feel free 
to post them.

/ Martin Malek



"KE Liew" <ke.liew at gmail.com> skrev i 
meddelandet 
news:f0e429340608051406h23ef76a3p915d994ed834df8b at mail.gmail.com...
> On 8/5/06, Martin Malek 
> <martin.malek at telia.com> wrote:
>> Yes that was deliberate. I was just trying something out. You are 
>> completely
>> right. It should be 81 not 82.
>> Sorry for posting invalid info. But it doesn't respond to 81 either.
>
> Double check whether you are able to access to zope directly.
>
>> Must I have apache listening to the port I want to rewrite?
>
> If you mean port 443, yes. but if you mean the port for zope, no. You
> don't need to open up zope's port on your firewall either, unless you
> want to access it directly at some point.
>
>
>> Should the RewriteRule be inside or outside the Virtualhost?
>
> Should be inside.
>
>> I am using SSLRequireSSL in all my <Directory > listings. Could that be 
>> an
>> issue?
>
> What I would suggest is to strip it to the bare minimum to make sure
> that SSL works as it is without any other options.
>
> <VirtualHost *:443>
> SSLEngine On
>
> SSLCertificateFile conf/ssl/my-server.cert
> SSLCertificateKeyFile conf/ssl/my-server.key
>
> RewriteEngine On
> RewriteRule ^/(.*)
> http://81.26.252.160:82/VirtualHostBase/https/81.26.252.160:443/VirtualHostRoot/$1
> [P]
> </VirtualHost>
>
> Try that for a size. And start debugging what went wrong from here on.
> Turn on RewriteRule Log as well, and see what's up.
>
> (For apache2.1:
> http://httpd.apache.org/docs/2.1/pt-br/mod/mod_rewrite.html#rewritelog)
> 







More information about the Setup mailing list