Skip to Content.
Sympa Menu

en - StdEnvVars lost with suEXEC and SSL

Subject: The mailing list for listmasters using Sympa

List archive

StdEnvVars lost with suEXEC and SSL

Chronological Thread  
    < Chronological >       < Thread >
  • From: Anne Durand <address@concealed>
  • To: address@concealed
  • Subject: StdEnvVars lost with suEXEC and SSL
  • Date: Tue, 13 Feb 2001 15:00:38 +0100
Hello,
I have settled a virtualhost to work with the suEXEC mechanism.

<VirtualHost _default_:443>
ServerAdmin address@concealed
DocumentRoot /export/home/sympa
ServerName sympa.archi.fr
#User sympa
#Group listserv
UserDir disabled
ScriptAlias /wws /export/home/sympa/bin/wwsympa.fcgi
ErrorLog /export/home0/apache/gamsau/logs/sympa443.error_log
TransferLog /export/home0/apache/gamsau/logs/sympa443.access_log
DirectoryIndex wws
<Files ~ "\.(cgi|fcgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
SSLEngine on
SSLCipherSuite
ALL:!ADH:!EXP56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /usr/local/apache/conf/ssl.crt/sympa.crt
SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/sympa.key
SSLCACertificatePath /usr/local/apache/conf/ssl.crt/
SSLCACertificateFile /usr/local/apache/conf/ssl.crt/ca.crt
SSLVerifyClient optional
SSLVerifyDepth 5
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog /usr/local/apache/logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>

If I disable the suEXEC mechanism, the secure connexion is established
but I can not access to the writable directories belonging to sympa
(normally enabled by the suEXEC mechanism).
If I enable the suEXEC mechanism, my email read in my local certificat
is not transmitted to the server, so I can't access to the secure pages.

are suExec and SSL compatible?
Thanks for any suggestion.

--

Anne DURAND

GAMSAU - MAP
UMR CNRS-MCC n° 694
"Modèles et simulations pour l'Architecture, l'urbanisme et le Paysage"

Ecole d'Architecture de Marseille
184 av de Luminy
13288 Marseille Cedex 09
tel : 04 91 82 71 62/70 - fax : 04 91 82 71 71
mel : address@concealed
http : www.map.archi.fr

Ce message est signé.
Vous pouvez télécharger le certificat de l'autorité de certification
archi.fr à l'adresse http://www.archi.fr/certif/archi.pem

Attachment: smime.p7s
Description: Signature cryptographique S/MIME


  • StdEnvVars lost with suEXEC and SSL, Anne Durand, 02/13/2001

Archive powered by MHonArc 2.6.19+.

Top of Page