Ssl – How to force SSL (https) on Apache Location

httpssslsvn

I'm trying to force SSL (https) on an SVN repository served by mod_dav_svn. Here's what I have:

<Location /svn/projectname>
  DAV svn
  SVNPath /var/repo/projectname
  Require valid-user
  AuthType Basic
  AuthName "Subversion repository"
  AuthUserFile /etc/svn-auth-projectname

  #here's what I tried (didn't work)
  SSLCipherSuite HIGH:MEDIUM
</Location>

However, I don't get redirected to https when I log in via http; it stays in http. Why doesn't the above work? How do I get this https redirect to work?

I've seen suggestions about using mod_rewrite, e.g.:

# /dir/.htaccess
RewriteEngine on
RewriteCond %{SERVER_PORT}!443
RewriteRule ^(.*)$ https://www.x.com/dir/$1 [R,L]

However, I don't understand exactly what this does, so I'm afraid to use it. Plus, it looks more like an ugly hack than the correct solution.

Best Answer

Its not a hack. here's a quick breakdown for you:

# Turn on Rewriting
RewriteEngine on 

# Apply this rule If request does not arrive on port 443
RewriteCond %{SERVER_PORT} !443 

# RegEx to capture request, URL to send it to (tacking on the captured text, stored in $1), Redirect it, and Oh, I'm the last rule.
RewriteRule ^(.*)$ https://www.x.com/dir/$1 [R,L]

Related Solutions

Windows – Unable to access svn on ubuntu server via tortoise on windows (SUCCESS!!!)

"The URI does not contain the name of a repository."

Whatever URL you are using (you still didn't provide it) is wrong. If your repo is in /home/ant/svn then your apache conf should look like:

<Location /svn>
  DAV svn
  SVNParentPath /home/ant/svn
  AuthType Basic
  AuthName "Your repository name"
  AuthUserFile /etc/subversion/passwd
  <LimitExcept GET PROPFIND OPTIONS REPORT>
  Require valid-user
  </LimitExcept>
</Location>

You should then be able to access (via web browser) the repo with

http://servername/svn/nameofrepo

That is assuming you created a repo inside /home/ant/svn. If the repo is called svn and is in /home/ant, then you want

<Location />
  DAV svn
  SVNParentPath /home/ant

and you would access with

http://servername/svn

Basically, I could give you the answer if you:

Gave the exact command you used on the command-line that succeeded
Gave the exact url you are using in Tortoise
Gave the exact command you used to create the repo

Linux/Unix – SSL Certificate Location Guide

For system-wide use, OpenSSL should provide you /etc/ssl/certs and /etc/ssl/private. The latter of which will be restricted 700 to root:root.

If you have an application that doesn’t perform initial privilege separation from root, then it might suit you to locate them somewhere local to the application with the relevantly restricted ownership and permissions.

Best Answer

Related Solutions

Windows – Unable to access svn on ubuntu server via tortoise on windows (SUCCESS!!!)

Linux/Unix – SSL Certificate Location Guide

Related Topic