Hi everyone, I am in the process of trying to encrypt with ssl through apache anything that is done in /admin.
Right now, I have an nginx proxy on port 80 that forwards anything to an apache virtual host listening on a different port. I also have another apache vhost listening on 443 but is not forwarded to by the nginx proxy. I have looked around and tried a few of the common things that show up when google-ing around or reading the django docs: Of course, in settings.py set SESSION_COOKIE_SECURE=True. If I do this and don't do anything else with apache or other settings, when I try to login to the admin area (http://site.com/admin/) I get the commonplace error: "Looks like your browser isn't configured to accept cookies. Please enable cookies, reload this page, and try again." I would expect this because of the http:// and not https:// location on the URL. So the next thing I do is add a rewrite or redirect rule to the apache or nginx vhost that will send it to port 443. When I do this, I usually get an error along the lines of: "Firefox has detected that the server is redirecting the request for this address in a way that will never complete." Which I interpret to mean that although the vhost is redirecting to port 443, Django is redirecting it back to 80 because SSL is not enabled for the admin views. So, in my urls.py, I added in {'SSL' : True} to the admin view, but get the same errors. All that being said, I know that the ssl is working for the site because when I add {'SSL' : True} to any of the views that I wrote, it works just fine. There must be a setting that I have overlooked or something that to stop the admin page from redirecting from https to http. On another note, even though the SSL seems to be working fine, when I look at my satchmo log it says: "2009-09-24 13:01:22,865 sslurllib : WARNING ssl is not installed, please install it from http://pypi.python.org/pypi/ssl/"; Which I have not installed because when I do, I get an error about something like some bluetooth headers not being installed. I don't think this is causing a problem since I can encrypt some pages, but I though I would mention it. Thanks, Sam --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~----------~----~----~----~------~----~------~--~---
