...
1. Make the appropriate changes to your Apache installation (adding a module to provide SSL support, for example) and httpd.conf so that your server will only make the Mailman web interface URIs available via Secure HTTP. For more information about configuring Apache visit http://httpd.apache.org.
Something like:
| No Format |
|---|
RedirectPermanent /mailman/ https://<server_name>/mailman/
|
...
Alternatively, you may be able to use RewriteCond and RewriteRule to rewrite http://<server_name>/mailman/ as https://<server_name>/mailman/ only when the scheme is http.
There are various ways to do this in Apache. For example
| No Format |
|---|
RewriteEngine on
RewriteCond %{HTTPS} off [NC]
RewriteRule ^/mailman(/.*) https://%{HTTP_HOST}/mailman$1 [L,R=permanent]
|
| Note |
|---|
Don't omit the `[NC]` flag on the above RewriteCond unless you're certain you know what you're doing. |
2. Assuming MM 2.1.1, assign the value of the DEFAULT_URL_PATTERN Mailman configuration variable in mm_cfg.py to use the https scheme, e.g.
| No Format |
|---|
DEFAULT_URL_PATTERN = 'https://%s/mailman/'
|
...
3. Use $prefix/bin/fix_url.py to get the change to DEFAULT_URL_PATTERN propagated to the web_page_url attributes of existing lists. You may need to run this through withlist, ie
| No Format |
|---|
$prefix/bin/withlist -l -r fix_url listname
|
or to do all lists at once
| No Format |
|---|
$prefix/bin/withlist -l -a -r fix_url
|
If you have lists in domains other than DEFAULT_URL_HOST you will need to do
| No Format |
|---|
$prefix/bin/withlist -l -r fix_url listname -u list_web_domain
|
...
4. If you want to access public archives via SSL, assign the value of the PUBLIC_ARCHIVE_URL Mailman configuration variable in mm_cfg.py to use the https scheme, e.g.
| No Format |
|---|
PUBLIC_ARCHIVE_URL = 'https://%(hostname)s/pipermail/%(listname)s'
|
and use one of the above techniques to enforce it.
Converted from the Mailman FAQ Wizard
This is one of many Frequently Asked Questions.