[Share] How to set the SSL to a node?

Author Message

david lee

Monday 05 July 2010 2:21:25 am

When I want to access a node of eZ via SSL, here are something to be done in my test envirement.

1. Modify the setting file
Open the file "settings/override/site.ini.append.php", add the code below :

[SSLZoneSettings]
SSLZones=enabled
SSLSubtrees[]=/news/categoryOne
Be aware to the bold code, here i want to set to the node "/news/categoryOne", that is to say, when i visit the url "http://myhost/news/categoryOne", the browser will auto direct to "https://myhost/news/categoryOne".

2. Modify the httpd.conf
Here are the code of virtualhost.

<VirtualHost 127.0.0.1:443>
<Directory "/opt/lampp/htdocs/art">
Options FollowSymLinks
AllowOverride all
Allow from all
</Directory>
<IfModule mod_php5.c>
php_admin_flag safe_mode Off
php_admin_value register_globals 0
php_value magic_quotes_gpc 0
php_value magic_quotes_runtime 0
php_value allow_call_time_pass_reference 0
</IfModule>
DirectoryIndex index.php
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule content/treemenu/? /index_treemenu.php [L]
Rewriterule ^/var/storage/.* - [L]
Rewriterule ^/var/[^/]+/storage/.* - [L]
RewriteRule ^/var/cache/texttoimage/.* - [L]
RewriteRule ^/var/[^/]+/cache/texttoimage/.* - [L]
RewriteRule ^/var/[^/]+/cache/public/.* - [L]
Rewriterule ^/design/[^/]+/(stylesheets|images|javascript)/.* - [L]
Rewriterule ^/share/icons/.* - [L]
Rewriterule ^/extension/[^/]+/design/[^/]+/(stylesheets|images|flash|javascripts?)/.* - [L]
Rewriterule ^/packages/styles/.+/(stylesheets|images|javascript)/[^/]+/.* - [L]
RewriteRule ^/packages/styles/.+/thumbnail/.* - [L]
RewriteRule ^/favicon\.ico - [L]
RewriteRule ^/robots\.txt - [L]
# Uncomment the following lines when using popup style debug.
# RewriteRule ^/var/cache/debug\.html.* - [L]
# RewriteRule ^/var/[^/]+/cache/debug\.html.* - [L]
RewriteRule .* /index.php
</IfModule>
DocumentRoot "/opt/lampp/htdocs/art"
SSLEngine on
SSLCertificateFile /opt/lampp/etc/ssl.crt/server.crt
SSLCertificateKeyFile /opt/lampp/etc/ssl.key/server.key
ServerName myhost
ServerAlias myhost admin.myhost
</VirtualHost>
You will find that is very similar to set a common virtualhost, except the blod code, because we have to access via SSL, so we have to use another port to it (Here i use the default port 443) , and also, open the SSLEngine, and set the certificate file and keyfile.


After that, you can visit https://myhost/news/categoryOne via SSL.

Yannick Komotir

Monday 05 July 2010 8:29:02 am

Hi,

thank's for this tip^^ Can you make it more readable ? :)

<|- Software Engineer @ eZ Publish developpers -|>
@ http://twitter.com/yannixk

Powered by eZ Publish™ CMS Open Source Web Content Management. Copyright © 1999-2014 eZ Systems AS (except where otherwise noted). All rights reserved.