Please login or register to participate.
migrationuser Oct 14, 2009 03:48 PM
How to install and config ssl on v2.1 ?
Replies (6)
migrationuser Oct 14, 2009 03:49 PM

SSL support is currently only supported in custom implementation by Cynapse, it is not directly end site-owner configurable due to complexities involving applying certificates to Apache webserver with respect to virtual host url rewriting, etc. that is done inside Zope server. Especially the problem is that it is really difficult to do this reliably in out-of-box configuration with community edition virtual appliance.

Do consider approaching cynapse support for this, they'll set it up for you and also provide you top-notch support for your deployment.

Dhiraj Gupta.
rick_t Jan 21, 2010 04:45 AM
Hi Dhiraj,

Has the situation changed for v3.n in regards to configuring SSL ? I must admit I was kicking myself for not finding this thread earlier as I'm in the midst of launching a pilot involving both internal and external users.

External users typically access corporate apps via VPN but one of the goals for the pilot to to allow external access (to without having to use VPN (but with user authenication of course). Some of the apps such as Sharepoint are already accessible via SSL/https and I was hoping that it was possible to configure the community edition as such.

Excitement is high among the few users who had previewed a and hopefully SSL configuration will not be a hurdle (finger crossed). Any comments or pointers eagerly awaited. Thanks.
dhiraj Jan 21, 2010 09:54 AM
SSL *can* actually be configured by any implementer, it just requires knowledge of setting up Apache SSL sites. And a cert that browsers will accept. And some experience with plone PAS goes a long way. :)

You can attempt to do this by using the vanilla WebServerAuth product (replace the one that comes with with this) and use the https URL for login redirection.
continuous Nov 13, 2011 07:11 PM
I'm fairly familiar with the apache ssl stuff but have little experience with plone PAS.
Is there anything specific I should know/do about/to PAS to get this working correctly for the latest release of CE?
All access to this implementation needs to be secure as it will come from the wide Internet.
rick_t Jan 21, 2010 04:13 PM
Thanks for the reassurance ! I was actually reading a page on ( prior to my post and I'm guessing it's still relevant given that the foundation of is ultimately still plone ?
dhiraj Jan 21, 2010 04:48 PM
Hmm... that's one way of doing it, I suppose. Do let me know if that works for you.

Caution: Always try authentication related testing on non-production setup, first.