[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: mod_dav_svn + ssl -- protocol changes from 'https' to 'http' after authentication (solved)

From: Danny MacMillan <flowers_at_users.sourceforge.net>
Date: 2006-04-12 00:19:43 CEST

Hi, Konrad.

On Tue, Apr 11, 2006 at 07:45:48PM +0200, Konrad Rosenbaum wrote:
> On Tuesday 11 April 2006 02:36, Danny MacMillan wrote:
> > I have a subversion repository being served up by Apache2 and
> > mod_dav_svn on FreeBSD 6.0-RELEASE-p6. I want the repository
> > to be accessible ONLY using https. I'm most of the way there,
> > but I am experiencing some weird behaviour. When accessing the
> > repository using a web browser.
> [cut]
>
> Try putting the <Location> inside the <VirtualHost>, then it should work.

I got it working. For the benefit of future readers, here's how:

I tried that idea yesterday and it didn't work. After I moved the
<Location> inside the <VirtualHost>, the behaviour improved to the
point where the URL in the address bar stayed where it should have
been -- but the browser window was completely blank. Even 'view
source' showed nothing. It looks like it returned no content.

Inspired by your email I tried again today. At first, I got the same
blank browser window. Then I looked more carefully at my Apache
config. It turns out I left a few things out of the dev.example.com
virtual host, one or more of which was preventing this from working.
Here's what I added back in that got it to work:

SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /usr/local/etc/apache2/ssl.crt/wildcard_cert.pem
SSLCertificateKeyFile /usr/local/etc/apache2/ssl.key/wildcard_key.pem

My mistake was in thinking that this stuff was already taken care of
outside of the <VirtualHost> block. However examining the first SSL
secured virtual host, which I modified from the example that shipped
in the file, showed a lot of stuff missing from the dev.example.com
virtual host. Copying this stuff in to the dev.example.com virtual
host got it to work.

The reason it must have been working when the <Location> block was
outside of the <VirtualHost> block is that it must have been using the
config for the first virtual host -- the one that included all the
necessary stuff. This actually makes sense because I noticed the
requests were being written to the wrong log file -- the one for the
first virtual host. I was highly confused by that, and I knew
something was screwy, I just didn't know what.

I have other virtual hosts that are misconfigured that are working
fine, probably because 1) I'm using a wildcard certificate, 2) they
are just doing simple stuff like reverse proxying 3) it is a complete
fluke. However, I thought the fact they were working meant the problem
could not be in the virtual host config.

Anyway, thank you for nudging me back in the right direction.

I'd also like to apologize to the list for posting this question twice.
My first email didn't show up for nearly 18 hours and I thought it was
blocked.

-- 
Danny MacMillan
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Wed Apr 12 00:22:32 2006

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.