[EP-tech] Re: problem with multiple archives from

Adam Field af05v at ecs.soton.ac.uk
Thu Dec 10 22:16:00 GMT 2015 

What John said, but if you want to be walked through, I've actually done a training video on just this recently:

	http://wiki.eprints.org/w/index.php/Training_Video:Setting_up_SSL

I only set up one repository, but I do it in the way that is scalable.

--
Adam Field
Business Relationship Manager and Community Lead
EPrints Services



On 10 Dec 2015, at 14:44, John Salter <J.Salter at leeds.ac.uk> wrote:

> Hi,
> > need a virtual host for each https
> I think this is the right solution – the details below aren’t tested – but I hope are enough to get you started to a fix!
>  
> The content in each ~/cfg/apache_ssl/ARCHIVEID.conf:
> #####################
>   <Location "">
>     PerlSetVar EPrints_ArchiveID ARCHIVEID
>     PerlSetVar EPrints_Secure yes
>  
>     Options +ExecCGI
>     Order allow,deny
>     Allow from all
>   </Location>
> #####################
>  
> needs to go into a seperate vhost block with the appropriate ServerName (and with all the necessary SSL bits completed too - … below):
> #####################
> <VirtualHost *:443>
> ServerName …
> ServerAdmin …
> SSLEngine on
> SSLCertificateFile …
> SSLCertificateKeyFile …
> SSLCertificateChainFile …
> SSLProtocol …
>  
> #may be in /opt/eprints instead?
> Include /usr/share/eprints/cfg/apache_ssl/ARCHIVEID.conf
>  
> PerlTransHandler +EPrints::Apache::Rewrite
> </VirtualHost>
> #####################
>  
>  
> Cheers,
> John
>  
> From: eprints-tech-bounces at ecs.soton.ac.uk [mailto:eprints-tech-bounces at ecs.soton.ac.uk] On Behalf Of Sebastian Schick
> Sent: 10 December 2015 14:10
> To: eprints-tech at ecs.soton.ac.uk
> Subject: [EP-tech] Re: problem with multiple archives from
>  
> Hi,
>  
> we still have problems running our archives with https.
> Maybe we now have a more detailed understanding of the problem. I will try to describe the situation below.
>  
> As long as no user is logged in at a https enabled archive, everything is ok.
> It is only possible to log on  to the first https archive ({host} = 'eprints.localhost';) but not to the second https archive ({host} = 'eprints.dbis.localhost'; ).
> In the latter case we get an authentication error (user not known).
> If someone is logged onto the first https archive, for all other archives the links become wrong.
> In this case the links will be set to the host of the first https archive, with the exception of the “create account” button.
> If the user is logged out, links are generated correctly.
>  
> We assume that this is a problem with the virtual host configuration of the apache.
> Maybe we also need a virtual host for each https enabled archive instead of a general virtual host definition with locations?
>  
>  
> Do you have any other hints?
>  
> Sebastian
>  
>  
> Von: eprints-tech-bounces at ecs.soton.ac.uk [mailto:eprints-tech-bounces at ecs.soton.ac.uk] Im Auftrag von Sebastian Schick
> Gesendet: Dienstag, 24. November 2015 21:07
> An: eprints-tech at ecs.soton.ac.uk
> Betreff: [EP-tech] Re: problem with multiple archives from
>  
> Hi,
>  
> we were able to run one archive with https and two other archives with http!
> If we try to run three archives with https we run into the same problems as described before.
> We also tried to run two archives with https and the third with http. In this case only the links for the second archive with https are generated wrong.
>  
> Does anyone have a running configuration for more than 2 archive using https?
>  
>  
> Here is our configuration for two archives.
> First archive:
>  
> # This file was created by bin/epadmin
> # You can regenerate this file by doing ./bin/epadmin config_core ifi
> $c->{host} = 'eprints.localhost';
> $c->{port} = 80;
> $c->{aliases} = [];
> $c->{securehost} = 'eprints.localhost';
> $c->{secureport} = 443;
> $c->{http_root} = undef;
>  
> Second archive:
>  
> # This file was created by bin/epadmin
> # You can regenerate this file by doing ./bin/epadmin config_core dbis
> $c->{host} = 'eprints.dbis.localhost';
> $c->{port} = 80;
> $c->{aliases} = [];
> $c->{securehost} = 'eprints.dbis.localhost';
> $c->{secureport} = 443;
> $c->{http_root} = undef;
>  
> Do you have any other hints?
>  
> Sebastian
> Von: eprints-tech-bounces at ecs.soton.ac.uk [mailto:eprints-tech-bounces at ecs.soton.ac.uk] Im Auftrag von Adam Field
> Gesendet: Montag, 2. November 2015 16:41
> An: eprints-tech at ecs.soton.ac.uk
> Betreff: [EP-tech] Re: problem with multiple archives from
>  
> Is there a pattern in which links go to the wrong site (e.g. https ones don't work?).
>  
> --
> Adam Field
> Business Relationship Manager and Community Lead
> EPrints Services
>  
>  
>  
> On 2 Nov 2015, at 15:32, Sebastian Schick <sebastian.schick at uni-rostock.de> wrote:
>  
> 
> Yes, the first archive is running https. The second not yet.
> 
> Sebastian
>  
> Von: eprints-tech-bounces at ecs.soton.ac.uk [mailto:eprints-tech-bounces at ecs.soton.ac.uk] Im Auftrag von Adam Field
> Gesendet: Montag, 2. November 2015 15:53
> An: eprints-tech at ecs.soton.ac.uk
> Betreff: [EP-tech] Re: problem with multiple archives from
>  
> Are you running https?
>  
>  
> --
> Adam Field
> Business Relationship Manager and Community Lead
> EPrints Services
>  
>  
>  
> On 30 Oct 2015, at 15:15, John Salter <J.Salter at leeds.ac.uk> wrote:
>  
> 
> That all looks OK (I'm guessing 'loclhost' in the second one is a typo?)
> 
> Have you got any other config files that define 'base_url' or similar in:
> ~/archives/<dbis>/cfg/cfg.d/
> ~/archives/ <inf>/cfg/cfg.d/
> ~/lib/cfg.d/
> ~/lib/syscfg.d/
> ~/cfg/cfg.d/
> 
> The http paths configured in here: 
> https://github.com/eprints/eprints/blob/3.3/perl_lib/EPrints/Repository.pm#L504
> Which in turn calls _add_http_paths:
> https://github.com/eprints/eprints/blob/3.3/perl_lib/EPrints/Repository.pm#L715-L774
> and _add_live_http_paths:
> https://github.com/eprints/eprints/blob/3.3/perl_lib/EPrints/Repository.pm#L288-L300
> 
> - but these can be overridden in config files.
> 
> If none of that helps, if you look at the source-code for a page, are the links relative, or absolute?
> Do you have a <base...> element in your template?
> 
> Cheers,
> John
> 
> 
> 
> -----Original Message-----
> From: eprints-tech-bounces at ecs.soton.ac.uk [mailto:eprints-tech-bounces at ecs.soton.ac.uk] On Behalf Of Sebastian Schick
> Sent: 30 October 2015 14:41
> To: eprints-tech at ecs.soton.ac.uk
> Subject: [EP-tech] Re: problem with multiple archives from
> 
> Hi Thomas,
> 
> the content of <EprintsPath>/archives/<dbis>/cfg/cfg.d/10_core.pl is
> $c->{host} = 'dbis.localhost';
> $c->{port} = 80;
> $c->{aliases} = [];
> $c->{securehost} = '';
> $c->{secureport} = 443;
> $c->{http_root} = undef;
> 
> the content of <EprintsPath>/archives/<inf>/cfg/cfg.d/10_core.pl is
> 
> $c->{host} = 'inf.loclhost';
> $c->{port} = 80;
> $c->{aliases} = [];
> $c->{securehost} = '';
> $c->{secureport} = 443;
> $c->{http_root} = undef;
> 
> 
> 
> Is there something missing in the second conf file?
> 
> Sebastian
> 
> 
> On 30.10.2015 14:52, Thomas Lauke wrote:
> 
> Hi Sebastian,
> 
> 
> Why does eprints generate wrong links on the web pages?
> imho the definition in <EprintsPath>/archives/<repoID>/cfg/cfg.d/10_core.pl is relevant during bin/generate_static ...
> 
> Hth
> Thomas
> 
> 
> 
> *** Options: http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech
> *** Archive: http://www.eprints.org/tech.php/
> *** EPrints community wiki: http://wiki.eprints.org/
> *** EPrints developers Forum: http://forum.eprints.org/
>  
> *** Options: http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech
> *** Archive: http://www.eprints.org/tech.php/
> *** EPrints community wiki: http://wiki.eprints.org/
> *** EPrints developers Forum: http://forum.eprints.org/
>  
> *** Options: http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech
> *** Archive: http://www.eprints.org/tech.php/
> *** EPrints community wiki: http://wiki.eprints.org/
> *** EPrints developers Forum: http://forum.eprints.org/

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ecs.soton.ac.uk/pipermail/eprints-tech/attachments/20151210/de53be72/attachment-0001.html

More information about the Eprints-tech mailing list