I am installing Mozilla Sync and was successful until I tried to have it use SSL.
I have been following (among others) these instructions
http://www.wenks.ch/fabian/mozilla-custom-sync-server/
to set up a Mozilla Sync server. It runs fine when I connect to
but when I use https instead of http and remove the :5000 I get an error 500 returned without any error logfile entries. I set the logfile levels to DEBUG in all related logs (Apache, Mozilla Sync), but I cannot track down where the issue lies. For example, the only entry in the debug-level Apache logfile relating to WSGI is:
[info] mod_wsgi (pid=30174): Create interpreter ‘mydomain.com|’.
Here is my SSL config:
<VirtualHost $$$.$$$.$$$.$$$:443>
LogLevel debug
ServerAdmin "webmaster@mydomain.com"
ServerName sync.mydomain.com
MIMEMagicFile /dev/null
CustomLog logs/ssl.mydomain.com_access_log "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\""
CustomLog logs/ssl_request.mydomain.com_access_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
ErrorLog logs/ssl.mydomain.com_error_log
DocumentRoot /home/mydomain/public_html
<Directory /home/mydomain/public_html>
Order deny,allow
Allow from all
AllowOverride All
</Directory>
WSGIProcessGroup sync.mydomain.com
WSGIPassAuthorization On
WSGIDaemonProcess sync.mydomain.com user=weave group=weave processes=2 threads=25
WSGIScriptAlias / /home/sync/server-full/sync.wsgi
SSLEngine on
SSLProtocol -ALL +SSLv3 +TLSv1
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP:+eNULL
SSLCertificateFile "/home/sync/ssl/server.crt"
SSLCertificateKeyFile "/home/sync/ssl/server.key"
</VirtualHost>
I want to use SSL to encrypt the username & password which are otherwise transmitted in clear text.
Can someone point me in the right direction on how to fix this?
I found the issue finally. First of all, the updated manual at http://www.wenks.ch/fabian/mozilla-custom-sync-server/ shows the complete setup for HTTPS.
Second of all, my SSL certificate is self-signed. You need to visit the URL with a browser first and add an exception in order to make it work.
Third of all, if one tested the server previously with the paster, there is a sync-error.log created that has write permission for the user account that was used for the testing (likely root), and WSGI cannot write to it. You need to remove the error log and have it re-created by the WSGI process.
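The third point can be checked before restarting Apache. The following is an added example, not part of the original post: it tests whether a given account (such as the `user=weave group=weave` from the WSGIDaemonProcess line) could write to an existing sync-error.log or re-create it after removal. The function names are hypothetical, and the demo uses a constructed temporary directory with a stand-in uid instead of the real log location, which the post does not give.

```python
import os
import pwd
import tempfile

def ids_for(user):
    """uid and group set of an account, e.g. user=weave in WSGIDaemonProcess."""
    pw = pwd.getpwnam(user)
    return pw.pw_uid, set(os.getgrouplist(user, pw.pw_gid))

def _allowed(st, uid, gids, want):
    """Unix mode check: owner bits, else group bits, else other bits."""
    if uid == 0:
        return True  # root is not restricted by the write/search bits
    shift = 6 if st.st_uid == uid else 3 if st.st_gid in gids else 0
    return (st.st_mode >> shift) & want == want

def log_writable_by(path, uid, gids):
    """Return (ok, reason): can this account append to, or create, the log?"""
    if os.path.exists(path):
        st = os.stat(path)
        if _allowed(st, uid, gids, 2):  # 2 = write
            return True, "existing file is writable"
        return False, "file owned by uid %d, mode %o" % (st.st_uid, st.st_mode & 0o777)
    # File absent: creating it needs write + search (2 | 1) on the directory.
    parent = os.path.dirname(os.path.abspath(path))
    if _allowed(os.stat(parent), uid, gids, 3):
        return True, "absent, directory lets the daemon create it"
    return False, "absent, and directory %s is not writable" % parent

def demo():
    """Constructed scenario: a log left behind by a test run as another user."""
    d = tempfile.mkdtemp()
    os.chmod(d, 0o755)
    log = os.path.join(d, "sync-error.log")
    open(log, "w").close()
    os.chmod(log, 0o644)
    st = os.stat(d)
    daemon = os.stat(log).st_uid + 1  # stand-in uid for the WSGI daemon user
    stale = log_writable_by(log, daemon, set())
    os.remove(log)  # removing the stale log is not enough on its own ...
    removed = log_writable_by(log, daemon, set())
    os.chmod(d, 0o775)  # ... the daemon's group must be able to re-create it
    fixed = log_writable_by(log, daemon, {st.st_gid})
    return stale[0], removed[0], fixed[0]

if __name__ == "__main__":
    print(demo())
```

On the real host, call `log_writable_by(path, *ids_for("weave"))` with the actual path of sync-error.log; the returned reason string names the owning uid and mode when the check fails.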