EPrints Technical Mailing List Archive

Message: #06689



Re: [EP-tech] Running EPrints under HTTPS all the time


On 7 July 2017 at 09:14, Coles, Elizabeth A. (Betsy) <bcoles@caltech.edu> wrote:
>
> Has anyone set up EPrints to run under HTTPS all the time, not just for
> logins?
>
> We have a system running EPrints 3.3.10 and set up to use https for login as
> described in https://wiki.eprints.org/w/How_to_use_EPrints_with_HTTPS.  But
> what we'd really like to do is use HTTPS all the time.  Any pointers on how
> to set this up?
>
> Betsy Coles
>
> Caltech Library
>
> bcoles@caltech.edu
>

Hi Betsy,

We mostly have that set up at QUT (complicated by the fact that we
still allow cleartext HTTP access for non-secure pages.)

I do recall we had to make changes in order for EPrints's Apache httpd
config generator to add a second <Location/> block (for http_root,
when it doesn't match https_root) inside the HTTPS VirtualHost.

There are also issues in the way EPrints::URL assumes that "https" and
"secure" are the same thing, and is reluctant to put "https" at the
start of any URL that isn't "secure".

So, this is an area I definitely want to work on in the near future,
but it's not something I know how to solve immediately, I'm afraid.
Others may be of more help, though.

Cheers
-- 
  Matthew Kerwin
  http://matthew.kerwin.net.au/