[Mailman-Users] Setting up SSL Virtualhost for Mailman

Sean Son linuxmailinglistsemail at gmail.com
Tue Sep 11 21:03:32 EDT 2018 

On Tue, Sep 11, 2018 at 4:00 PM, Mark Sapiro <mark at msapiro.net> wrote:

> On 09/11/2018 11:47 AM, Sean Son wrote:
> >
> > Thanks for the reply man. I want to require HTTPS for Mailman and all of
> > its lists. I already have an SSL cert . I am running Apache as the
> > webserver on RHEL 7.  I took a look at the FAQs on the Mailman site,
> > regarding setting up SSL. It mentions that a virtual host can be set up
> for
> > HTTP to redirect to HTTPS, and a virtualhost can be set up for the HTTPS
> > and mailman configured to only work on HTTPs.  It is the latter part,
> > setting up the VirtualHost for HTTPS and configuring mailman to work only
> > with HTTPs, which I am lost on.
>
> There are multiple ways to do this. It depends on whether you have other
> virtual hosts and if so, if they should also be able to access mailman.
>
> In the simplest case, just put the various things for the mailman config
> such as
>
> ScriptAlias /mailman/ /path/to/mailman/cgi-bin
> Alias   /pipermail/  /path/to/mailman/archives/public/
>
> <Directory "/path/to/mailman/cgi-bin/">
>     Options ExecCGI
>     Require all granted
> </Directory>
>
> <Directory "/path/to/mailman/archives/public">
>     Options +FollowSymLinks
>     Require all granted
> </Directory>
>
> directly in the mailman https virtual host.
>
> --
> Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
> San Francisco Bay Area, California    better use your sense - B. Dylan
> ------------------------------------------------------
> Mailman-Users mailing list Mailman-Users at python.org
> https://mail.python.org/mailman/listinfo/mailman-users
> Mailman FAQ: http://wiki.list.org/x/AgA3
> Security Policy: http://wiki.list.org/x/QIA9
> Searchable Archives: http://www.mail-archive.com/
> mailman-users%40python.org/
> Unsubscribe: https://mail.python.org/mailman/options/mailman-users/
> linuxmailinglistsemail%40gmail.com
>

So i got HTTPS to work on the main site, but now when I access the list
archives, i see that they are still being accessed through HTTP and not
HTTPS

So I then ran this command:

$prefix/bin/withlist -l -a -r fix_url

and each of the lists were listed but the word "locked" appeared by each
one of them.. After the command finished running and I restarted Mailman as
well as Apache, I still see that the list archives are being accessed
through HTTP and not HTTPS.  Any ideas on how I should resolve this? What
does "locked" mean that appeared by each list name:

/usr/lib/mailman/bin/withlist -l -a -r fix_url
Importing fix_url...
Running fix_url.fix_url()...
Loading list list0 (locked)
Saving list
Loading list list1 (locked)
Saving list
Loading list list2 (locked)
Saving list
.
.
Finalizing

More information about the Mailman-Users mailing list