Re: [SyncEvolution] SSL support, Syncevolution as HTTP server?
On Tue, Nov 02, 2010 at 17:31:12 +0200, Anssi Saari wrote:
The Syncevolution HTTP server setup docs say somewhat cryptically that
"HTTPS is probably possible by extending the way how Twisted is used
and/or configured." So what actually needs to be done? Has anyone done
any work relating to this? I'm currently using a Nexus One with
Synthesis which says it supports SSL, so I should have the client end
covered.
I use the syncevolution server on a server which already runs apache.
So I set up apache with mod_proxy enabled and a virtual host that
forwards HTTPS connetions to apache to the local syncevolution server:
<VirtualHost your_ip:your_port>
ServerAdmin your@mail
ServerName your.hostname
DocumentRoot "/var/www/"
SSLEngine On
SSLCipherSuite HIGH:MEDIUM
SSLCertificateFile /path/to/your/certificate.pem
ProxyPass /syncevolution http://localhost:9000/syncevolution
ProxyPassReverse /syncevolution
http://localhost:9000/syncevolution
SetEnv force-proxy-request-1.0.1
SetEnv proxy-nokeepalive 1
<Location />
Order allow,deny
Allow from all
</Location>
</VirtualHost>
Now you can connect to the syncevolution server using this URL:
https://your_ip:your_port/syncevolution
Of cause you also need to prepare the certificate. I use a selfmade
certificate authority and imported the root certificate in my Nokia
phone so that it trusts the web server certificate.
I modified syncevo-http-server to not listen an all interfaces,
but only the lo interface by modifying the reactor.listenTCP() call to
look like this:
reactor.listenTCP(url.port, site, 64, 'localhost')
Regards,
Tino