Setting up HTTPS w/subdomain on Apache2
Anthony Yarusso
tonyyarusso at earthlink.net
Sun Dec 10 06:32:27 UTC 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Todd Slater wrote:
> On 12/9/06, Anthony Yarusso <tonyyarusso at earthlink.net> wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> I'm working on reading through Apache documentation, but the going is
>> slow, so if anybody would like to kickstart me or give pointers that
>> would be fabulous.
>>
>> I'm trying to set up the following:
>> https://subdomain.host.com/, which points to a directory on the same
>> physical machine (/var/www/subdomain say), with the following
>> characteristics:
>>
>> Secure authentication
>> Secure data transfer
>>
>> So far I've learned about Basic Authentication, but it said that the
>> password is transmitted in plaintext. Then there was Digest, but the
>> data is still unencrypted. The docs recommended using SSL, and unless
>> I'm mistaken, HTTP w/SSL = HTTPS. So, I'm hoping to make this
>> particular directory accessible only with supplying a valid username
>> and password, and have both the password and the data returned travel
>> the connection in encrypted form. The virtual subdomain is a wishlist
>> item primarily.
>>
>> Note: this ONLY needs to apply to a particular directory; I want the
>> rest of the site accessible normally with unauthenticated http.
>>
>> Any tips?
>
> I think you could use mod_rewrite to redirect non-https requests to
> https for the subdomain. I'm not sure what your question is, though,
> whether it's about how to set up https in general, or force all
> traffic to use https?
>
> Todd
>
Both probably. First, setting up https in general. For the second,
it would be convenient if http://sub.domain.com/ redirected as
https://sub.domain.com/, but I don't mean ALL traffic, only for a
particular folder, which I want to specify as a subdomain rather than
http://domain.com/sub. Am I making sense?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iD8DBQFFe6n66iO+5ByUi/QRAu1VAJ9DN3hEviiVYdm7uSi8XQlbJLTrkgCgpIyK
Eo+uh36HtmV70ociS8IIklc=
=vOUL
-----END PGP SIGNATURE-----
More information about the ubuntu-users
mailing list