Re: [cobalt-security] SSL on ASP Admin Panel?

[Alex Lee <Alex.M.Lee@xxxxxxx>]

The ASP Admin Console on port 5100 is a standalone Apache version, that 
runs a single process to it's own single process ASP engine to control the 
configuration of the main ASP engine. It has NO extraneous Apache 
functionality aside from the standard build with mod_so to include ASP 
functionality. Take a look at /home/chiliasp/admin/conf/admd.conf

Granted it'd be nice to have it SSL-enabled but you only turn on the ASP 
Admin Console when you need it and turn it off when you don't.

As part of the integration of the ASP component into the RaQ software 
bundle, the ASP Console's user/password is synchronized with the Cobalt 
Admin UI. You can change the ASP Admin Console password manually running 
/home/chiliasp/admtool

alex

At 09:27 AM 4/25/2002 -0400, you wrote:
> We installed an SSL cert on our main IP so we could access the server admin
> panels securely.  Well, I just happened to notice that when I go to the ASP
> Admin Panel from under Control Panel in the Server Admin, it goes to a plain
> old "http://"; request..  Drops the SSL, and no longer encrypts the data.
> What's really bad, is when you go to the ASP Admin Panel, it asks you to
> log-in again as Admin, and seeing as how it's not secure, I don't want to..
>
> Anyone know how we can fix this??  I can't even manually add the "s" to the
> URL..
>
> This works: http://www.domain.com:5100
>
> This DOES NOT work: https://www.domain.com:5100
>
> Any Sun/Cobalt people notice this also???
>
> Thank you list!
>
> -Jamie-
> http://w-c.net
> WebConnection.Net, Inc.
> In a mad world, only the mad are sane...
>
> _______________________________________________
> cobalt-security mailing list
> cobalt-security@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-security