Comments on: Apache SSL in htaccess examples http://www.askapache.com/htaccess/apache-ssl-in-htaccess-examples.html Web Development Tue, 19 Aug 2008 22:32:13 +0000 http://wordpress.org/?v=2.6.1 By: George Payne http://www.askapache.com/htaccess/apache-ssl-in-htaccess-examples.html#comment-42291 George Payne Wed, 11 Jun 2008 16:15:58 +0000 http://www.askapache.com.com/htaccess/apache-ssl-in-htaccess-examples.html#comment-42291 I was trying to do something I thought was simple,but have so far been unable to figure out. I wanted set up a temp server just to host a "we are down for the moment" web page. It's pretty easy to set it up so it responds to all http requests with a single page. But I can't figure out how to set it up to answer all HTTPS requests with the same page without actually setting up SSL with a valid cert on my temporary server, which I don't want to do. Any suggestions? A wiser way of going about this? I was trying to do something I thought was simple,but have so far been unable to figure out.

I wanted set up a temp server just to host a “we are down for the moment” web page. It’s pretty easy to set it up so it responds to all http requests with a single page. But I can’t figure out how to set it up to answer all HTTPS requests with the same page without actually setting up SSL with a valid cert on my temporary server, which I don’t want to do.

Any suggestions? A wiser way of going about this?

]]> By: Pete http://www.askapache.com/htaccess/apache-ssl-in-htaccess-examples.html#comment-5137 Pete Thu, 19 Apr 2007 18:46:50 +0000 http://www.askapache.com.com/htaccess/apache-ssl-in-htaccess-examples.html#comment-5137 On an Apache 1.3x system, "and" & "or" isn't valid inside an .htaccess file. The use of "&&" and "||" are required instead. So where you list: SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)-/ and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) or %{REMOTE_ADDR} =~ m/^192.76.162.[0-9]+$/ It would have to be written as: SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)-/ && \ %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." && \ %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} && \ %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 && \ %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20) || \ %{REMOTE_ADDR} =~ m/^192.76.162.[0-9]+$/ On an Apache 1.3x system, “and” & “or” isn’t valid inside an .htaccess file. The use of “&&” and “||” are required instead.

So where you list:
SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)-/
and %{SSL_CLIENT_S_DN_O} eq “Snake Oil, Ltd.”
and %{SSL_CLIENT_S_DN_OU} in {”Staff”, “CA”, “Dev”}
and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5
and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 )
or %{REMOTE_ADDR} =~ m/^192.76.162.[0-9]+$/

It would have to be written as:

SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)-/ && \
%{SSL_CLIENT_S_DN_O} eq “Snake Oil, Ltd.” && \
%{SSL_CLIENT_S_DN_OU} in {”Staff”, “CA”, “Dev”} && \
%{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 && \
%{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20) || \
%{REMOTE_ADDR} =~ m/^192.76.162.[0-9]+$/

]]>