Arthur Pemberton wrote:
On Mon, May 11, 2009 at 9:51 AM, Daniel B. Thurman <dant@xxxxxxxxx> wrote:
Patrick W. Barnes wrote:
On Sunday 10 May 2009 19:26:51 Daniel B. Thurman wrote:
DRAT! TYPO!
Should be:
<VirtualHost host.domain.com:80>
ServerName host.domain.com
CustomLog /svn/Admin/logs/access.log combined
ErrorLog /svn/Admin/logs/error.log
SSLProxyEngine on
ProxyPass / https://host.domain.com/
ProxyPassReverse / https://host.domain.com/
</VirtualHost>
<VirtualHost host.domain.com:443>
[...]
</VirtualHost>
My mistake was the 2nd VirtualHost clause where 80 should be 443:
Now, that's better ;)
Keep in mind that having Apache proxy non-HTTPS queries will mean that the
link from the client to the server will NOT be SSL-protected. Traffic from
the SVN client to your server will be in the clear.
Sigh, I tested http://[...] and it appears that SSL certification is not
being requested, so it appears that you are correct.
I will keep trying. If anyone has a (potential) solution, please let me
know?
Why don't you just turn of http? And/or redirect all http to https?
Then that would mean that my normal website for anonymous users
would be forced use https when it is not required?
As it is, I could just drop the <VirtualHost host.domain.com:80>
code block for subversion and who cares if subversion reports an error
for those attempting to use the http:[...]/svn/svnX string, as it would
not be allowed except for https.
Seems nicer to force http to https only for /svn requests but perhaps
there is no solution/support for it... from what I can tell, others have
claimed to get this to work but I have not been able to duplicate it.
--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines