OK now is much more clear. If i replace the apache configuration file with the one that i find on the book i can have https on admin interface only? I got a certificate from startssl but i really can't find a way to export or generate the server.crt and server.key files.
My knowledge is not that advanced for the moment. The server is only for educational purpose and to store some data from sensors. Thanks. Il giorno lunedì 10 agosto 2015 10:39:16 UTC+2, Pablo Angulo ha scritto: > > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > El 10/08/15 a las 10:11, Paolo Amboni escribió: > > OK I'm waiting for a free certificate. > > > > But what i can't understand is why all the site is https not only the > admin interface. > > I told you, some web2py contributor it was best to do it that way in 2015, > and everyone else thought it was a good idea, so the install script was > changed so that all http is redirected to https. Specifically, this config > tells apache "redirect all http to https": > > > https://github.com/web2py/web2py/blob/master/scripts/setup-web2py-ubuntu.sh > <VirtualHost *:80> > RewriteEngine On > RewriteCond %{HTTPS} !=on > RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L] > CustomLog /var/log/apache2/access.log common > ErrorLog /var/log/apache2/error.log > </VirtualHost> > > while the one on the manual just configures http: > > http://web2py.com/books/default/chapter/29/13/deployment-recipes#mod_wsgi > > |<VirtualHost *:80> > ServerName web2py.example.com > WSGIDaemonProcess web2py user=www-data group=www-data > display-name=%{GROUP} > WSGIProcessGroup web2py > WSGIScriptAlias / /home/www-data/web2py/wsgihandler.py > > #This is Apache 2.2.x permission syntax. See Apache docs for 2.4 syntax > # http://httpd.apache.org/docs/2.4/upgrading.html#run-time > > <Directory /home/www-data/web2py> > AllowOverride None > Order Allow,Deny > Deny from all > <Files wsgihandler.py> > Allow from all > </Files> > </Directory> > > AliasMatch ^/([^/]+)/static/(?:_[\d]+.[\d]+.[\d]+/)?(.*) > /users/www-data/web2py/applications/$1/static/$2 > <Directory /users/www-data/web2py/applications/*/static/> > Order Allow,Deny > Allow from all > </Directory> > > <Location /admin> > Deny from all > </Location> > > <LocationMatch ^/([^/]+)/appadmin> > Deny from all > </LocationMatch> > > CustomLog /private/var/log/apache2/access.log common > ErrorLog /private/var/log/apache2/error.log > </VirtualHost>| > > > > I will study all the deployment chapter of the book to find some clues > and how to use the new certificate. > > Thanks. > > In the manual, or in the script, it configures a self-signed certificate. > You can use the script, or follow the book, but then you must replace the > self-signed certificates > > | SSLCertificateFile /etc/apache2/ssl/server.crt > SSLCertificateKeyFile /etc/apache2/ssl/server.key > | > > by certificated signed by startssl (only for non-commercial purposes), or > gandi.net, or any other "authority". You must follow their particular > procedure to generate your server.key file and then get the correct > server.crt file. > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v2 > > iQIcBAEBCAAGBQJVyGMLAAoJEATsOw+FDrzILdIP+wfVshYU7F4teHsQZGfhCC5X > md2vA3SuNU6LE4Q+kNHaFAoY05ziUywetObgGpw36+qe59I4UePa7F3f9aNqhaQP > yFiBmdpNZZmBGUWzHABI9JbSXAjc5be/4ReNUDcAx7MKT7wpTEeXJDlsn62e4Xom > M6pXfOrLrtygsXGB0JF0DeJ3QL+EjcXPvTEQBC3x3C3bnKugDtzKfNzbxWmUhdaY > ybs5e4rmD1g+b6QG50j/imnnGm4Pqfo+iI9AmcxGfs4bjWp7vup6JV8Lr4W+CsAV > sccY0Jy6FDeqhQpdKPWcLe3YRrpY0p6wouzOZHlUfF8FeFPT7F6p9rOxEdw/2yJ6 > uHfXG+9vFslM3y5lWfUp2ymp4dm0P31jfAc8eftLV+ZumiLDndO491EgJj8ewz9z > +4VMWryEW+uJF1yUjpxikeQlvIMrGz+CEj4Yj/1mB6T4g3NKgtUdyIPP3ptjrWbQ > ZMBTYPXhWETiNlf33N/YdSfz/9rzTjw+N1Vn1bc1k2WB9oyBGY7P2A/OqxrOD/G3 > Mr/bFWwH0pD2UpvSWI+nUwIDoPtwgCx0SyiyItqBXnKBc5rQKSmdDBd1WSyTLWbG > zqesLbifwzfN+zK+x6oAozp2fUWLq4CgcPTOPp9RBPwdPSD7lDHrShzfoyqxYvDy > CMRh3KXHYMhdG4H2e3IU > =+WTS > -----END PGP SIGNATURE----- > > -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
