Hi Graham, Ok I can access both but only through the server name.
We are working on getting CA signed certs and DNS sorted but in the mean time I was hoping to access it via IP address over HTTPs. This is an internal site on private IP and not accessible from the internet. Is there a way to temporarily permit this with mod_wsgi? Many thanks. On Thu, Apr 12, 2018 at 10:26 AM, Graham Dumpleton < [email protected]> wrote: > The argument to --server-name should be the same host name you use in the > URL otherwise it likely will not work. You can't use 'localhost' or any > other internal name which isn't what is used in the URL. > > Also try not supplying: > > --https-only > > See if normal 'http' URL access works, and then with 'https' URL. > > Am wondering whether it is some issues around the redirection from http to > https. > > Graham > > On 12 Apr 2018, at 10:19 am, Marcos Georgopoulos <[email protected]> wrote: > > Sorry I forgot to answer part of your question. > > No access '/' has the same issue. > > On Thursday, April 12, 2018 at 10:05:18 AM UTC+10, Graham Dumpleton wrote: >> >> Does accessing the root of the site work? >> >> Add the option: >> >> --access-log >> >> and show me the series of requests which are then logged in it. >> >> Is there anything in the directory: >> >> /etc/mod_wsgi-express-443/htdocs >> >> IOW, what do you get when you run: >> >> ls -las /etc/mod_wsgi-express-443/htdocs >> >> Graham >> >> On 12 Apr 2018, at 9:01 am, Marcos Georgopoulos <[email protected]> wrote: >> >> Hi, >> >> I am trying to get my web application working over https. I am using >> Centos7. I have disabled the firewall and selinux ( temporarily for testing >> ) >> >> >> The following works with no issues for http on port 80. >> >> >> sudo python3.6 manage.py runmodwsgi --setup-only --port=80 --user apache >> --group apache --server-root=/etc/mod_wsgi-express-80 >> >> I get the following error when trying to access it over https/443. Below >> is the command I run to set it up. >> >> sudo python3.6 manage.py runmodwsgi --setup-only --user=apache >> --group=apache --server-root=/etc/mod_wsgi-express-443 --https-only >> --https-port=443 --ssl-certificate-file=/etc/pki/tls/certs/localhost.crt >> --ssl-certificate-key-file=/etc/pki/tls/private/localhost.key >> --server-name=myhost.local >> >> >> *Web browser* >> >> Forbidden >> >> You don't have permission to access /login/ on this server. >> >> *Error Log* >> >> [Wed Apr 11 18:47:33.429059 2018] [mpm_event:notice] [pid 12053:tid >> 140251110680704] AH00489: Apache/2.4.6 (CentOS) mod_wsgi/4.6.4 Python/3.6 >> OpenSSL/1.0.2k-fips configured -- resuming normal operations >> [Wed Apr 11 18:47:33.429098 2018] [core:notice] [pid 12053:tid >> 140251110680704] AH00094: Command line: 'httpd (mod_wsgi-express) -f >> /etc/mod_wsgi-express-443/httpd.conf -D MOD_WSGI_VIRTUAL_HOST -D >> MOD_WSGI_WITH_HTTPS -D MOD_WSGI_HTTPS_ONLY -D >> MOD_WSGI_MPM_ENABLE_EVENT_MODULE >> -D MOD_WSGI_MPM_EXISTS_EVENT_MODULE -D MOD_WSGI_MPM_EXISTS_WORKER_MODULE >> -D MOD_WSGI_MPM_EXISTS_PREFORK_MODULE' >> [Wed Apr 11 18:47:50.725314 2018] [authz_core:error] [pid 12061:tid >> 140251110143744] [client 10.16.18.11:63623] AH01630: client denied by >> server configuration: /etc/mod_wsgi-express-443/htdocs/login >> >> >> Many thanks. >> >> >> >> -- >> You received this message because you are subscribed to the Google Groups >> "modwsgi" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To post to this group, send email to [email protected]. >> Visit this group at https://groups.google.com/group/modwsgi. >> For more options, visit https://groups.google.com/d/optout. >> >> >> > -- > You received this message because you are subscribed to the Google Groups > "modwsgi" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > Visit this group at https://groups.google.com/group/modwsgi. > For more options, visit https://groups.google.com/d/optout. > > > -- > You received this message because you are subscribed to the Google Groups > "modwsgi" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > Visit this group at https://groups.google.com/group/modwsgi. > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "modwsgi" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/modwsgi. For more options, visit https://groups.google.com/d/optout.
