[rt-users] Banner does show under SSL

Leon Sonntag leon at iwa-solutions.com
Mon Mar 15 12:57:24 EST 2004 

At 11:26 PM 3/12/04, Cerion Armour-Brown wrote:
>Did you rem to set "WebBaseURL" to https in RT_SiteConfig.pm?
>The name resolution stuff was just that you can't have multiple ssl virtual
>hosts, 'cos the ssl handshake happens before the hostname is resolved...

Yes, I did....Thnx anyway


>Your httpd.conf looks a little complex... try the changes below
>(I have ssl working, also 'requiring' client certificates - lemme know if you
>want that configuration too)
>Cerion

I tried the revised configuration and the vhost won't even start, so I went 
back to the orgiinal config.  However, on the good side, the banner shows 
up just fine today.   On the bad side, it appears to of caused some 
problems with my email interface (but that is a separate issue)


>On Friday 12 March 2004 23:59, Leon Sonntag wrote:
> > Well I finally got RT 3.06 runnning under SSL on my RedHat 8 box.  I seem
> > to recall before hearing something abt that having to do with name
> > resolution.  But when looked thru the archives I came up empty.
> > My Apache CONF file looks like:
>
># You don't need/want the servername in the VH directive.
> > <Virtualhost *:443>
>   ServerName rt.server.com:443   # port not _necessary_ here, but better.
> > ServerAdmin root at server.com
> > DocumentRoot /opt/rt3/share/html
> > ErrorLog logs/rt/error_log
> > TransferLog logs/rt/access_log
> >
> > SSLEngine on
> > SSLCipherSuite
> > ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
> > SSLCertificateFile /etc/httpd/conf/ssl.crt/rt.server.com.crt
> > SSLCertificateKeyFile /etc/httpd/conf/ssl.key/rt.server.com.key
> > SSLCertificateChainFile /etc/httpd/conf/ssl.crt/ca.crt
> >
> > SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire
> > <Files ~ "\.(cgi|shtml|phtml|php3?)$">
> >      SSLOptions +StdEnvVars
> > </Files>
> > PerlModule Apache2 Apache::compat
> > PerlModule Apache2 Apache::DBI
> > PerlRequire /opt/rt3/bin/webmux.pl
>
>    AddDefaultCharset UTF-8
>
>    <Location />
>       SetHandler perl-script
>       PerlHandler RT::Mason
>    </Location>
>
><Directory /opt/rt3/share/html>
>#   SSLOptions +StdEnvVars # the 'Files' directive does this already
>    Order allow,deny
>    Allow from all
>#    Options All   # sure you want this?
>#    AllowOverride All  # and this?
>#   AddDefaultCharset UTF-8  # I put this above...
>#    <Files *.html>                  # and this I put in the <Location />
>#      SetHandler perl-script
>#      PerlHandler RT::Mason
>#    </Files>
></Directory>
>
># The rest shouldn't be necessary.
>
># <Directory /opt/rt3/share/html/Ticket/Attachment>
># SSLOptions +StdEnvVars
>#    SetHandler perl-script
>#    PerlHandler RT::Mason
># </Directory>
>
># <Directory /opt/rt3/share/html/SelfService/Attachment>
>#    SSLOptions +StdEnvVars
>#    SetHandler perl-script
>#    PerlHandler RT::Mason
># </Directory>
>
># <Directory /opt/rt3/share/html/REST>
>#    SSLOptions +StdEnvVars
>#    SetHandler perl-script
>#    PerlHandler RT::Mason
># </Directory>
>
></VirtualHost>
>
>_______________________________________________
>rt-users mailing list
>rt-users at lists.bestpractical.com
>http://lists.bestpractical.com/mailman/listinfo/rt-users
>
>Have you read the FAQ? The RT FAQ Manager lives at http://fsck.com/rtfm

Most anything is easy after you've done it successfully a few times

Leon Sonntag
Innovative Web Applications
leon at iwa-solutions dot com

More information about the rt-users mailing list