http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=5576 --- Comment #2 from Ian Walls <ian.walls@bywatersolutions.com> 2011-01-05 19:48:56 UTC ---
From IRC:
<gmcharlt> sekjal: you may want to take a look at how Evergreen handles using SSL for patron login and display in the OPAC and regular HTTP for everything else <sekjal> gmcharlt: thanks, I'll take a peek <chris> id like that once you are logged in, its ssl, before you are logged in its http once you are placing holds etc, that may as well be encrypted too make the fbi earn their money <gmcharlt> or move some of the scripts about (to make URL rewriting easier) and have /opac/ and /opac/secure/ <pastebot> "gmcharlt" at 68.101.78.67 pasted "sekjal: the relevant bit from EG's Apache config" (6 lines) at http://paste.koha-community.org/118 <gmcharlt> one thing to note that SSLRequireSSL implies use of mod_ssl; mod_gnutls doesn't have a direct equivalent The value in pastebin: # -------------------------------------------------------------------------------- # Force SSL on the OPAC's "My Account" page # -------------------------------------------------------------------------------- <LocationMatch .*/myopac.xml> SSLRequireSSL </LocationMatch> -- Configure bugmail: http://bugs.koha-community.org/bugzilla3/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the QA contact for the bug.