Etch SSL Configuration

    This document is out of date.  Please use this guide instead: How_do_I...Provide_HTTPS_access_to_Deki_Wiki

    Here are the steps to configure Deki Wiki to use SSL. Note that these commands are for Debian Etch, but configuration on other distros should be straightforward.

    Adapted from: http://www.debian-administration.org/articles/349

    Generating a self-signed certificate

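    If you don't already have an SSL certificate you can generate a self-signed certificate as follows. The -nodes option leaves the private key unencrypted, and the command writes the key and the certificate into the same file, so that file should be readable only by root: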

    mkdir /etc/apache2/ssl
    openssl req -new -x509 -days 365 -nodes -out /etc/apache2/ssl/apache.pem -keyout /etc/apache2/ssl/apache.pem
     

    Enabling SSL Support

    To use the SSL facilities of Apache2 you must enable the module mod_ssl; this can be done with the helper tool a2enmod. (We've previously discussed the Apache2 helper scripts.)

    As root run:

    earth:~# a2enmod ssl
    Module ssl installed; run /etc/init.d/apache2 force-reload to enable.
    

    Once this is done you'll have Apache set up to accept SSL connections, but the server will still only be listening for incoming HTTP requests on port 80, not for SSL connections on port 443. To fix this, add a line to the file /etc/apache2/ports.conf:

    Listen 443
    

    With these two steps out of the way you now have an Apache setup which will listen for and accept SSL connections. The next step is to modify your virtualhosts to use it.

    Configuring Deki Wiki SSL VirtualHost

    With a certificate set up and the server updated to load mod_ssl and listen for incoming SSL connections, you're almost finished. The final step is to ensure that your Deki Wiki virtual host will accept SSL options.

    Example: Deki Wiki accessible with or without SSL

    <VirtualHost *:80>
            ServerName deki-hayes
    
            ErrorLog /var/log/apache2/error.log
            CustomLog /var/log/apache2/access.log common
    
            DocumentRoot "/var/www/deki-hayes"
    
            RewriteEngine On
            RewriteCond %{REQUEST_URI} ^/$
            RewriteRule ^/$ /index.php?title= [L,NE]
    
            RewriteCond %{REQUEST_URI} !/(@api|editor|skins|config)/
            RewriteCond %{REQUEST_URI} !/(redirect|texvc|index|Version).php
            RewriteCond %{REQUEST_URI} !/error/(40(1|3|4)|500).html
            RewriteCond %{REQUEST_URI} !/favicon.ico
            RewriteCond %{REQUEST_URI} !/robots.txt
            RewriteCond %{QUERY_STRING} ^$ [OR]
            RewriteCond %{REQUEST_URI} ^/Special:Search
            RewriteRule ^/(.*)$ /index.php?title=$1 [L,QSA,NE]
    
            # deki-api uses encoded slashes in query parameters so AllowEncodedSlashes must be On
            AllowEncodedSlashes On
    
            # mod_proxy rules
            ProxyPass /@api http://localhost:8081 retry=1
            ProxyPassReverse /@api http://localhost:8081
            SetEnv force-proxy-request-1.0 1
            SetEnv proxy-nokeepalive 1
    </VirtualHost>
    
    <VirtualHost *:443>
            SSLEngine on
            SSLCertificateFile /etc/apache2/ssl/apache.pem
    
            ServerName deki-hayes
    
            ErrorLog /var/log/apache2/error.log
            CustomLog /var/log/apache2/access.log common
    
            DocumentRoot "/var/www/deki-hayes"
    
            RewriteEngine On
            RewriteCond %{REQUEST_URI} ^/$
            RewriteRule ^/$ /index.php?title= [L,NE]
    
            RewriteCond %{REQUEST_URI} !/(@api|editor|skins|config)/
            RewriteCond %{REQUEST_URI} !/(redirect|texvc|index|Version).php
            RewriteCond %{REQUEST_URI} !/error/(40(1|3|4)|500).html
            RewriteCond %{REQUEST_URI} !/favicon.ico
            RewriteCond %{REQUEST_URI} !/robots.txt
            RewriteCond %{QUERY_STRING} ^$ [OR]
            RewriteCond %{REQUEST_URI} ^/Special:Search
            RewriteRule ^/(.*)$ /index.php?title=$1 [L,QSA,NE]
    
            # deki-api uses encoded slashes in query parameters so AllowEncodedSlashes must be On
            AllowEncodedSlashes On
    
            # mod_proxy rules
            ProxyPass /@api http://localhost:8081 retry=1
            ProxyPassReverse /@api http://localhost:8081
            SetEnv force-proxy-request-1.0 1
            SetEnv proxy-nokeepalive 1
    </VirtualHost>
    

    Example: Deki Wiki accessible only via SSL

    <VirtualHost *:80>
            ServerName deki-hayes
    
            ErrorLog /var/log/apache2/error.log
            CustomLog /var/log/apache2/access.log common
    
            DocumentRoot "/var/www/deki-hayes"
    
            RewriteEngine On
            RewriteRule ^(.*)$ https://deki-hayes$1 [L,R]
    </VirtualHost>
    
    <VirtualHost *:443>
            SSLEngine on
            SSLCertificateFile /etc/apache2/ssl/apache.pem
    
            ServerName deki-hayes
    
            ErrorLog /var/log/apache2/error.log
            CustomLog /var/log/apache2/access.log common
    
            DocumentRoot "/var/www/deki-hayes"
    
            RewriteEngine On
            RewriteCond %{REQUEST_URI} ^/$
            RewriteRule ^/$ /index.php?title= [L,NE]
    
            RewriteCond %{REQUEST_URI} !/(@api|editor|skins|config)/
            RewriteCond %{REQUEST_URI} !/(redirect|texvc|index|Version).php
            RewriteCond %{REQUEST_URI} !/error/(40(1|3|4)|500).html
            RewriteCond %{REQUEST_URI} !/favicon.ico
            RewriteCond %{REQUEST_URI} !/robots.txt
            RewriteCond %{QUERY_STRING} ^$ [OR]
            RewriteCond %{REQUEST_URI} ^/Special:Search
            RewriteRule ^/(.*)$ /index.php?title=$1 [L,QSA,NE]
    
            # deki-api uses encoded slashes in query parameters so AllowEncodedSlashes must be On
            AllowEncodedSlashes On
    
            # mod_proxy rules
            ProxyPass /@api http://localhost:8081 retry=1
            ProxyPassReverse /@api http://localhost:8081
            SetEnv force-proxy-request-1.0 1
            SetEnv proxy-nokeepalive 1
    </VirtualHost>
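
    A check to run on the certificate file once the steps above are done, as an added example that is not part of the original page: it confirms that apache.pem holds both the key and the certificate, that the two belong together, that the file is closed to group and other, and that the certificate is not about to expire. The function names and the 30-day default are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the original page): checks for a combined
# key+certificate PEM such as /etc/apache2/ssl/apache.pem.
# All function names are illustrative.

# The page writes key and certificate into one file; both blocks must be
# present for SSLCertificateFile alone to be enough.
pem_has_key_and_cert() {
    grep -q -- '-----BEGIN CERTIFICATE-----' "$1" &&
    grep -Eq -- '-----BEGIN (RSA |EC )?PRIVATE KEY-----' "$1"
}

# The public key derived from the private key must equal the one in the cert.
pem_key_matches_cert() {
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
    key_pub=$(openssl pkey -in "$1" -pubout 2>/dev/null) || return 1
    [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
}

# -nodes leaves the key unencrypted, so group/other must have no access.
pem_is_private() {
    [ "$(ls -ld -- "$1" | cut -c5-10)" = "------" ]
}

# -days 365 means the certificate lapses after a year; fail when fewer
# than DAYS days of validity remain.
pem_valid_for_days() {
    openssl x509 -in "$1" -noout -checkend "$(( $2 * 86400 ))" >/dev/null 2>&1
}

# Run every check, report each failure, return non-zero if any failed.
check_apache_pem() {
    file=$1; days=${2:-30}; rc=0
    pem_has_key_and_cert "$file" || { echo "FAIL: key or certificate block missing"; rc=1; }
    pem_key_matches_cert "$file" || { echo "FAIL: key does not match certificate"; rc=1; }
    pem_is_private "$file" || { echo "FAIL: readable by group or other"; rc=1; }
    pem_valid_for_days "$file" "$days" || { echo "FAIL: expires within $days days"; rc=1; }
    return "$rc"
}

# Usage: sh check_pem.sh /etc/apache2/ssl/apache.pem [DAYS]
if [ "$#" -gt 0 ]; then
    check_apache_pem "$@"
fi
```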
    
    

     

    Comments
    Hello - this does not fully work for a multi-tenant approach I think. Is there something else you need to do to get it to work?
    Posted 02:58, 11 Dec 2007
    Hi Rick - I changed the FAQ entry for steps on how this should work with the latest bits from trunk (which will soon be released as 1.8.3). You can find the guide here:

    http://wiki.opengarden.org/Deki_Wiki/FAQ/Configuration/How_do_I...Provide_HTTPS_access_to_Deki_Wiki%3f
    Posted 13:49, 11 Dec 2007
    Thanks!
    Posted 15:19, 11 Dec 2007

    Copyright © 2011 MindTouch, Inc.