Hi all,
I'm running a little older version of web2py in production (1.99.7).
I have two apps configured to different subdomains --
app1.domain.edu -> app1
app2.domain.edu -> app2
This works fine. Great in fact -- I'm using routers to make the apps
default based on the domain, so appnames aren't needed.
Recently we decided to add authenticated services to the applications, so I
got some certificates and set up web2py over SSL.
So over https, app1 works fine but app2 generates the unknown ticket issue.
This doesn't appear to be any sort of permissions or storage issue (lots of
room/inodes on disk, errors dir writable by app2 when requested over HTTP
-- doesn't normally generate an error over HTTP, I could 777 the errors dir
but I can't see how that would be an issue).
Also, on the test server (where I run rocket) both sites run fine over
HTTPS, albeit with cert warnings because of my self-signed test certs.
There I have an two web2py daemons -- one for HTTP and one for HTTPS
running on two different ports, using apache with mod_proxy to dispatch
requests based on the hostname.
Does anyone have any ideas? I'm thinking it's might be related to the
"routers" feature ... or maybe somehow app1's directories or models are
getting loaded when requesting app2? I'm not even really sure how to
diagnose the issue as I don't see any logs to read (though I haven't ever
used web2py's logging, perhaps that would help?)
Also -- and I doubt this is an issue but I'll just throw it out there -- I
used the same private key to generate CSRs for both SSL certificates for
the two FQDNs -- is it possible that WSGI doesn't like this? As far as I
know this is accepted when generating SSL certs. And I don't get any
certificate issues when using the two domains.. and when just serving HTML
from the filesystem w/apache everything is fine.
If I don't make progress I will probably try to upgrade to the newest
version of web2py and see if the issue persists... however any help is
appreciated!
Here are some relevant snippets from config files:
/var/www/web2py/routes.py
routers = dict(
BASE = dict(
domains = {
'app1.domain.edu': 'app1',
'www.app1.domain.edu': 'app1',
'app2.domain.edu': 'app2',
'www.app2.domain.edu': 'app2',
'www.app2.domain.edu:443': 'app2/default' # I added this after
getting the error, it doesn't seem to affect it. It's not currently in my
routes file, still getting error.
}
),
)
apache conf:
NameVirtualHost *:80
<Directory /var/www/web2py>
AllowOverride None
Order Allow,Deny
Deny from all
<Files wsgihandler.py>
Allow from all
</Files>
</Directory>
WSGISocketPrefix /var/run/wsgi/
<Virtualhost *:80>
ServerName app1.domain.edu
ServerAlias app2.domain.edu
WSGIDaemonProcess web2py user=webadmin group=webadmin threads=15 \
display-name=%{GROUP}
WSGIProcessGroup web2py
WSGIApplicationGroup %{RESOURCE}
# This routes all requests that aren't user-dir or awstats requests to
web2py
WSGIScriptAliasMatch ^(/([^~].*|awstats.*)?)$
/var/www/web2py/wsgihandler.py$1
# ... mod_user stuff that I won't bother copying is here (for tilde
sites) ... #
Alias /css/ /var/www/web2py/applications/app1/static/
AliasMatch ^/([^/]+)/static/(.*) \
/var/www/web2py/applications/$1/static/$2
<Directory /var/www/web2py/applications/*/static/*/>
Order Allow,Deny
Allow from all
</Directory>
</VirtualHost>
LoadModule ssl_module modules/mod_ssl.so
Listen 443
NameVirtualHost *:443
<VirtualHost *:443>
ServerName app1.domain.edu
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/app1.domain.edu.crt
SSLCertificateKeyFile /etc/ssl/private/server.private.key
<Location /admin>
Deny from all
</Location>
WSGIScriptAlias / /var/www/web2py/wsgihandler.py
Alias /css/ /var/www/web2py/applications/app1/static/
AliasMatch ^/([^/]+)/static/(.*) \
/var/www/web2py/applications/$1/static/$2
<Directory /var/www/web2py/applications/*/static/*/>
Order Allow,Deny
Allow from all
</Directory>
<VirtualHost>
<VirtualHost *:443>
ServerName app2.domain.edu
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/app2.domain.edu.crt
SSLCertificateKeyFile /etc/ssl/private/server.private.key
<Location /admin>
Deny from all
</Location>
WSGIScriptAlias / /var/www/web2py/wsgihandler.py
Alias /css/ /var/www/web2py/applications/app2/static/
AliasMatch ^/([^/]+)/static/(.*) \
/var/www/web2py/applications/$1/static/$2
<Directory /var/www/web2py/applications/*/static/*/>
Order Allow,Deny
Allow from all
</Directory>
<VirtualHost>
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
