David Summers wrote:
> I've been doing Subversion SSL since last November.
>
> [...]
>
> If you can get SSL going at all then you should be able to just uncomment
> the SSL part of the above configuration for subversion and it should work.
>
> Please let me know if you encounter any problems and I'll be glad to try
> to help out.
My problem was that I couldn't get SSL working at all. However, I did
get it working last night. I don't know what I did different. I guess
I just needed some time away from the problem.
For the archives (in case anyone cares), I've included my working
minimal httpd.conf that gets Apache 2.0, SSL, LDAP, and Subversion
working together.
===== Begin httpd.conf =====
#
# General configuration
#
ServerRoot "/usr/local/apache2"
PidFile logs/httpd.pid
Timeout 300
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 15
StartServers 5
MinSpareServers 5
MaxSpareServers 10
MaxClients 150
MaxRequestsPerChild 0
Listen 80
User apache
Group apache
UseCanonicalName Off
#
# Modules
#
LoadModule log_config_module modules/mod_log_config.so
LoadModule ssl_module modules/mod_ssl.so
LoadModule mime_module modules/mod_mime.so
LoadModule ldap_module modules/mod_ldap.so
LoadModule auth_module modules/mod_auth.so
LoadModule auth_ldap_module modules/mod_auth_ldap.so
LoadModule dav_module modules/mod_dav.so
LoadModule dav_svn_module modules/mod_dav_svn.so
#
# SSL
#
Listen 443
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLPassPhraseDialog builtin
SSLSessionCache dbm:logs/ssl_scache
SSLSessionCacheTimeout 300
SSLMutex file:logs/ssl_mutex
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
#
# Logging
#
ErrorLog logs/error_log
LogLevel warn
LogFormat "%h %l %u %t \"%r\" %>s %b" common
CustomLog logs/access_log common
#
# MIME
#
TypesConfig conf/mime.types
DefaultType text/plain
#
# Documents
#
DocumentRoot "/var/svn"
<Location /svn/test>
DAV svn
SVNPath /var/svn/test
AuthName "Test repository"
AuthType Basic
Require valid-user
AuthLDAPURL ldap://ldap.mrsl.com/ou=people,dc=mrsl,dc=com
</Location>
#
# SSL Virtual Host Context
#
<VirtualHost _default_:443>
ErrorLog logs/error_log
LogLevel warn
TransferLog logs/access_log
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
SSLEngine on
SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key
DocumentRoot "/var/svn"
<Location /svn/test>
DAV svn
SVNPath /var/svn/test
AuthName "Test repository"
AuthType Basic
Require valid-user
AuthLDAPURL ldap://ldap.mrsl.com/ou=people,dc=mrsl,dc=com
</Location>
</VirtualHost>
===== End httpd.conf =====
--
Tim Moloney
ManTech Real-time Systems Laboratory
2015 Cattlemen Road \ /
Sarasota, FL 34232 .________\(O)/________.
(941) 377-6775 x208 ' ' O(.)O ' '
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Fri Jun 28 17:05:08 2002