Last week I installed rt 2.x running on Debian stable.
This week I have been testing rt 3.x.
I have been using the draft manual [April 13, 2003] for the setup.
I am using Debian Sarge with:
Postfix
MySql
Apache
Despite my success with RT on port 80, I was not able to find any find any
documentation on how to setup the apache ssl mod to work with RT.
Does anyone have a working config file I can use as an example ?
Or will this be added to the documentation in the near future ?
I am using a self cert as such:
http://annapolislinux.org/docs/ssc/ssert.txt
Ted Knab
Chester, MD 21619
940216d6021602a41607166696c656c202778696368602d65616e637
02940226c696e646c69702c6f667560256675627478696e67602a416
0716e6563756e2a0
“TK” == Theodore Knab tjk@annapolislinux.org writes:
TK> Does anyone have a working config file I can use as an example ?
TK> Or will this be added to the documentation in the near future ?
There’s nothing special in RT you need other than telling it that it’s
base URL is https instead of http. As for making your httpd answer to
SSL, that’s something you need to read about in the apache docs. Once
apache speaks SSL, RT will too, as it is just a CGI application as far
as apache is concerned.
Vivek Khera, Ph.D. Khera Communications, Inc.
Internet: khera@kciLink.com Rockville, MD +1-240-453-8497
AIM: vivekkhera Y!: vivek_khera http://www.khera.org/~vivek/
If you can get any static page working over SSL, and RT is working on the
same machine, just combine the SSL and RT parameters and it will work.
It’s working on our system.
Real-----Original Message-----
From: rt-users-admin@lists.fsck.com [mailto:rt-users-admin@lists.fsck.com]
On Behalf Of Theodore Knab
Sent: Wednesday, October 08, 2003 4:46 PM
To: rt-users@lists.fsck.com
Subject: [rt-users] apache modssl and rt
Last week I installed rt 2.x running on Debian stable.
This week I have been testing rt 3.x.
I have been using the draft manual [April 13, 2003] for the setup.
I am using Debian Sarge with:
Postfix
MySql
Apache
Despite my success with RT on port 80, I was not able to find any find any
documentation on how to setup the apache ssl mod to work with RT.
Does anyone have a working config file I can use as an example ?
Or will this be added to the documentation in the near future ?
I am using a self cert as such:
http://annapolislinux.org/docs/ssc/ssert.txt
Ted Knab
Chester, MD 21619
940216d6021602a41607166696c656c202778696368602d65616e637
02940226c696e646c69702c6f667560256675627478696e67602a416
0716e6563756e2a0
rt-users mailing list
rt-users@lists.fsck.com
http://lists.fsck.com/mailman/listinfo/rt-users
Have you read the FAQ? The RT FAQ Manager lives at http://fsck.com/rtfm
Theodore Knab wrote:
Last week I installed rt 2.x running on Debian stable.
This week I have been testing rt 3.x.
I have been using the draft manual [April 13, 2003] for the setup.
I am using Debian Sarge with:
Postfix
MySql
Apache
Despite my success with RT on port 80, I was not able to find any find any
documentation on how to setup the apache ssl mod to work with RT.
Does anyone have a working config file I can use as an example ?
Or will this be added to the documentation in the near future ?
I am using a self cert as such:
http://annapolislinux.org/docs/ssc/ssert.txt
We do it on debian/sid like this. Set Your $SERVERNAME and
$PATHTODOCROOT accordingly.
This vhost is not entirely dedicated to rt3, but it works without
problems. The SSLCipherSuite and SetEnvIf are for users with IE5.x on
the Mac. Works for RT 3.0.4
Regards,
Harald
ServerName $SERVERNAME
DocumentRoot $PATHTODOCROOT
Port 443
SSLEngine On
#SSLEnable
SSLCertificateFile /etc/apache/ssl.crt/server.crt
SSLCertificateKeyFile /etc/apache/ssl.key/server.key
SSLProtocol all -SSLv3
SSLCipherSuite
!EXP1024-RC4-SHA:!EXP1024-DES-CBC-SHA:ALL:!ADH:!EXP56:RC4+RSA:+HIGH:
+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
Alias /rt3 "/usr/share/request-tracker3/html/"
Alias /rt3/NoAuth/images "/usr/share/request-tracker3/html/NoAuth/images/"
PerlModule Apache::DBI
PerlFreshRestart Off
AddDefaultCharSet UTF-8
PerlRequire /usr/share/request-tracker3/libexec/webmux.pl
SetHandler perl-script
PerlHandler RT::Mason
Thanks I used your example.
SSLPassPhraseDialog builtin
SSLSessionCache dbm:/var/log/apache/ssl_scache
SSLMutex file:/var/log/apache/ssl_mutex
SSLSessionCacheTimeout 300
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
Port 80
SSLEngine off
ServerName rt.washcoll.edu
ServerAlias *rt.washcoll.edu
ServerAlias rt
#Alias /webrt/ /usr/share/request-tracker3/html/NoAuth/images
PerlModule Apache::DBI
PerlFreshRestart Off
<Directory /usr/share/request-tracker3/html/>
AddDefaultCharset UTF-8
PerlRequire /usr/share/request-tracker3/libexec/webmux.pl
SetHandler perl-script
PerlHandler RT::Mason
#access control limits use of port 80 to local machine for mail
deny from all
allow from 127.0.0.1 192.146.226.209
#force the users to use encrypted site on forbidden error which
#goes to anyone that is not from localhost or the rt webserver
ErrorDocument 403 https://rt.washcoll.edu
DocumentRoot /usr/share/request-tracker3/html
Port 443
SSLEngine On
ServerName rt.washcoll.edu
ServerAlias *rt.washcoll.edu
ServerAlias rt
#SSLEnable
SSLCertificateFile /etc/apache/apache.pem
SSLCertificateKeyFile /etc/apache/apache.key
SSLProtocol all -SSLv3
SSLCipherSuite
!EXP1024-RC4-SHA:!EXP1024-DES-CBC-SHA:ALL:!ADH:!EXP56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
Alias /webrt/ /usr/share/request-tracker3/html/NoAuth/images
Alias /rt3 "/usr/share/request-tracker3/html/"
Alias /rt3/NoAuth/images
"/usr/share/request-tracker3/html/NoAuth/images/"
PerlModule Apache::DBI
PerlFreshRestart Off
AddDefaultCharSet UTF-8
PerlRequire /usr/share/request-tracker3/libexec/webmux.pl
SetHandler perl-script
PerlHandler RT::Mason
Ted Knab
Chester, MD 21619
940216d6021602a41607166696c656c202778696368602d65616e637
02940226c696e646c69702c6f667560256675627478696e67602a416
0716e6563756e2a0