[Zope] re: Zope and SSL

alan milligan alan_milligan@hotmail.com
Sun, 24 Feb 2002 21:40:54


Hi,

Just to add my 2 euros to this thread.

The methods I use are for normal http, I route thru Apache using virtual 
hosting and a rewrite rule:

<VirtualHost *>
    ServerAdmin webmaster@domain.com
    ServerName www.domain.com

    ErrorLog logs/domain.com_error_log
    CustomLog logs/domain.com_access_log common

    #
    #  note Zope.fcgi DOES NOT EXIST !!!
    #
    FastCgiIpcDir /tmp
    FastCgiExternalServer /usr/local/apache/htdocs/fcgi \
                      -socket zope.soc            \
                      -pass-header Authorization

    DocumentRoot "/usr/local/apache/htdocs/fcgi"
    DirectoryIndex index_html

    SetHandler fastcgi-script

    RewriteEngine on
    RewriteRule ^/(.*) /usr/local/apache/htdocs/fcgi/Zope.fcgi/domain.com/$1 
[L]

</VirtualHost>


For https, it is a little more complicated, as I employ a variety of web 
technologies for my secure site and don't wish to delegate everything to 
Zope.  I presently use my port 443 Apache as a proxy server for a number of 
other servers (including other Apache servers) in addition to serving up 
dynamic html.

Vanilla Zope would appear not to support https, so my proxy requests are all 
insecure once they have reached my port 443 server.  This is a very private 
network and not a concern for me at least ...

Here is my (partial) Apache config for this:

<VirtualHost _default_:443>

...

#
#   Zope Management API
#

    <Directory proxy:http://localhost:8080/manage>
		Order Allow,Deny
		Allow from all
    </Directory>
    ProxyPass 	 /manage  http://localhost:8080/manage

...
</VirtualHost>


With this method, no FastCGI needs to be explicitly set, and there is no 
need for any VirtualHostMonster's nor any other sort of gremlin to be set 
within your Zope server either!

Comments welcomed,

Cheers, Alan

_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp.