[Mailman-Users] Setting up SSL Virtualhost for Mailman
Sean Son
linuxmailinglistsemail at gmail.com
Fri Sep 14 13:10:07 EDT 2018
On Wed, Sep 12, 2018 at 12:09 PM, Jim Plumb <jim at jimplumb.com> wrote:
>
>
> -----Original Message-----
> From: Mailman-Users
> [mailto:mailman-users-bounces+jim=jimplumb.com at python.org] On Behalf Of
> Sean
> Son
> Sent: Tuesday, September 11, 2018 9:04 PM
> To: Mark Sapiro
> Cc: mailman-users at python.org
> Subject: Re: [Mailman-Users] Setting up SSL Virtualhost for Mailman
>
> On Tue, Sep 11, 2018 at 4:00 PM, Mark Sapiro <mark at msapiro.net> wrote:
>
> > On 09/11/2018 11:47 AM, Sean Son wrote:
> > >
> > > Thanks for the reply man. I want to require HTTPS for Mailman and all
> of
> > > its lists. I already have an SSL cert . I am running Apache as the
> > > webserver on RHEL 7. I took a look at the FAQs on the Mailman site,
> > > regarding setting up SSL. It mentions that a virtual host can be set up
> > for
> > > HTTP to redirect to HTTPS, and a virtualhost can be set up for the
> HTTPS
> > > and mailman configured to only work on HTTPs. It is the latter part,
> > > setting up the VirtualHost for HTTPS and configuring mailman to work
> only
> > > with HTTPs, which I am lost on.
> >
> > There are multiple ways to do this. It depends on whether you have other
> > virtual hosts and if so, if they should also be able to access mailman.
> >
> > In the simplest case, just put the various things for the mailman config
> > such as
> >
> > ScriptAlias /mailman/ /path/to/mailman/cgi-bin
> > Alias /pipermail/ /path/to/mailman/archives/public/
> >
> > <Directory "/path/to/mailman/cgi-bin/">
> > Options ExecCGI
> > Require all granted
> > </Directory>
> >
> > <Directory "/path/to/mailman/archives/public">
> > Options +FollowSymLinks
> > Require all granted
> > </Directory>
> >
> > directly in the mailman https virtual host.
> >
> > --
> > Mark Sapiro <mark at msapiro.net> The highway is for gamblers,
> > San Francisco Bay Area, California better use your sense - B. Dylan
> > ------------------------------------------------------
> > Mailman-Users mailing list Mailman-Users at python.org
> > https://mail.python.org/mailman/listinfo/mailman-users
> > Mailman FAQ: http://wiki.list.org/x/AgA3
> > Security Policy: http://wiki.list.org/x/QIA9
> > Searchable Archives: http://www.mail-archive.com/
> > mailman-users%40python.org/
> > Unsubscribe: https://mail.python.org/mailman/options/mailman-users/
> > linuxmailinglistsemail%40gmail.com
> >
>
> So i got HTTPS to work on the main site, but now when I access the list
> archives, i see that they are still being accessed through HTTP and not
> HTTPS
>
> So I then ran this command:
>
> $prefix/bin/withlist -l -a -r fix_url
>
> and each of the lists were listed but the word "locked" appeared by each
> one of them.. After the command finished running and I restarted Mailman as
> well as Apache, I still see that the list archives are being accessed
> through HTTP and not HTTPS. Any ideas on how I should resolve this? What
> does "locked" mean that appeared by each list name:
>
> /usr/lib/mailman/bin/withlist -l -a -r fix_url
> Importing fix_url...
> Running fix_url.fix_url()...
> Loading list list0 (locked)
> Saving list
> Loading list list1 (locked)
> Saving list
> Loading list list2 (locked)
> Saving list
> .
> .
> Finalizing
> ------------------------------------------------------
> Mailman-Users mailing list Mailman-Users at python.org
> https://mail.python.org/mailman/listinfo/mailman-users
> Mailman FAQ: http://wiki.list.org/x/AgA3
> Security Policy: http://wiki.list.org/x/QIA9
> Searchable Archives: http://www.mail-archive.com/
> mailman-users%40python.org/
> Unsubscribe:
> https://mail.python.org/mailman/options/mailman-users/jim%40jimplumb.com
>
> From my experience in recently setting up Mailman with HTTPS you cannot use
> fix_url but instead add this setting to mm_cfg.py:
>
> DEFAULT_URL_PATTERN = 'https://%s/mailman/'
>
>
>
>
Thanks everyone! It worked!!
More information about the Mailman-Users
mailing list