[rt-users] HTTP and HTTPS on same RT server?
Danie Marais
danie.marais at attix5.com
Tue Feb 26 09:07:50 EST 2008
Matt,
Maybe I am daft, but the SSL cert sites I looked at listed it at $399 per
year. Where can you get $20 certs?
> -----Original Message-----
> From: rt-users-bounces at lists.bestpractical.com
> [mailto:rt-users-bounces at lists.bestpractical.com] On Behalf
> Of Matt Westfall
> Sent: 26 February 2008 03:56 PM
> To: Lutz Jaenicke
> Cc: rt-users at lists.bestpractical.com
> Subject: Re: [rt-users] HTTP and HTTPS on same RT server?
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Umm, SSL Certs are $20 a year, lol
>
>
> Matt Westfall
> Owner / Operator
> FiftyPounds Internet
> http://www.fiftypounds.com
>
> This message is digitally signed with Pretty Good Privacy (PGP)
> Info: http://en.wikipedia.org/wiki/Pretty_Good_Privacy
>
>
>
> Lutz Jaenicke wrote:
> | Danie Marais wrote:
> |>
> |>
> |>>> Can someone perhaps just confirm that an HTTP and HTTPS
> |>>>
> |>> combination is
> |>>
> |>>> not possible?
> |>>>
> |>>> Thanks
> |>>>
> |>
> |>> I don't see why it wouldn't be possible. You can have
> both an HTTP and
> |>> an HTTPS site serving the same pages, and then redirect
> people between
> |>> the two based on certain conditions, probably logged in
> user, or even
> |>> based on a custom field.
> |>>
> |>> Is there any reason why you don't want to use HTTPS for both
> |>> SelfService
> |>> users and engineers?
> |>>
> |> I'm not keen to buy an expensive web certificate.
> SelfService does not
> |> warrant that level of security, but engineers can be
> instructed to import
> |> the web certificate. And HTTP requires slightly less resources.
> |>
> |> My current problem is that by correctly setting the WebBaseURL in
> |> RT_SiteConfig.pm to http or https I can get either one of
> the two working
> |> but not both at the same time. If http is specified then
> you cannot
> submit
> |> replies in https and vice versa.
> |>
> |>
> | For rt.openssl.org the problem is "solved" by having a
> separate Apache
> | instance just running RT on some internal port number and
> then let the
> | frontend Apache handle the http/https protocols.
> |
> | <VirtualHost 195.30.6.166:80>
> | # server information
> | ServerName rt.openssl.org
> | ServerAlias rt.openssl.org
> | ServerAdmin openssl-team at openssl.org
> | ServerSignature on
> | UseCanonicalName on
> | ProxyPass / http://195.30.6.166:abcd/
> | ProxyPassReverse / http://195.30.6.166:abcd/
> | </VirtualHost>
> |
> | <VirtualHost 195.30.6.166:443>
> | # server information
> | ServerName rt.openssl.org
> | ServerAlias rt.openssl.org
> | ServerAdmin openssl-team at openssl.org
> | ServerSignature on
> | UseCanonicalName on
> | ProxyPass / http://195.30.6.166:abcd/
> | ProxyPassReverse / http://195.30.6.166:abcd/
> | </VirtualHost>
> |
> |
> | So far I have not seen any malfunction.
> |
> | Best regards,
> | Lutz
> | _______________________________________________
> | http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
> |
> | Community help: http://wiki.bestpractical.com
> | Commercial support: sales at bestpractical.com
> |
> |
> | Discover RT's hidden secrets with RT Essentials from O'Reilly Media.
> | Buy a copy at http://rtbook.bestpractical.com
>
> - --
> Matt Westfall
> Owner / Operator
> FiftyPounds Internet
> http://www.fiftypounds.com
>
> This message is digitally signed with Pretty Good Privacy (PGP)
> Info: http://en.wikipedia.org/wiki/Pretty_Good_Privacy
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.7 (MingW32)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQFHxBp6b/8X6V5MpAURAm08AJ9tcpPZ+UU8/ey0WntWb/0/NXLaxgCdEwMe
> k/JX7Kh++QtXokZYpkSVlJk=
> =Nkl9
> -----END PGP SIGNATURE-----
> _______________________________________________
> http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
>
> Community help: http://wiki.bestpractical.com
> Commercial support: sales at bestpractical.com
>
>
> Discover RT's hidden secrets with RT Essentials from O'Reilly Media.
> Buy a copy at http://rtbook.bestpractical.com
More information about the rt-users
mailing list