Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Allow iCal subscriptions on secure servers Apps
Note: this only works if you have your own Apache server or have access to the webserver directory (then you can use .htaccess files).

iCal has a nasty input control bug. You can't subscribe to a calendar through an https:// url. The "normal" workaround for this bug is first subscribe to http:// calendar (insecure), then manualy edit ~/Library -> Preferences -> com.apple.iCal.sources.plist and replace http:// with https://. But if you want to share the calendar with "normal" Apple users, you can't ask them to edit their config files... it would be against the evolution (of the species) ;-). The solution:
  1. Publish the calendar on a secure site. The final URL would be: https://www.secure.tld/dav/calendar.ics
  2. For the communication with subscribers, use non-secure URL, for example: http://www.nonsecure.tld/dav/calendar.ics.
  3. On the server where non-secure site is hosted, put the following code in httpd.conf (or in an .htaccess file) inside the scope of the non-secure site:
    
    <Location /dav>
    RedirectMatch (.*)$ https://www.secure.tld$1
    </Location>
    
That's it! Now you can subscribe to http://www.nonsecure.tld/dav/calendar.ics in your iCal and still be secure.
    •    
  • Currently 1.00 / 5
  • 1
  • 2
  • 3
  • 4
  • 5
  (1 vote cast)
 
[9,051 views]  

Allow iCal subscriptions on secure servers | 9 comments | Create New Account
Click here to return to the 'Allow iCal subscriptions on secure servers' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Allow iCal subscriptions on secure servers
Authored by: nvdingo on Nov 10, '03 12:16:59PM

this also assumes that the apache server has mod_dav turned on. there are a lot of ways you can compromise your system by turning DAV on.

Dont turn DAV on on your server if you haven't read a LOT about configuring it. I recommend a book that i think is called Managing Linux Apache servers. (i don't have the book with me right now, sorry if I get this wrong.) It has a whole chapter on setting up DAV and the security implications of various options.



[ Reply to This | # ]
Allow iCal subscriptions on secure servers
Authored by: bluehz on Nov 11, '03 08:14:54AM

Webdav info is a bit scarce and I am always looking for me detailed info. Could you give us some more info on this bok you mentioned "Managing Linux Apache servers"? I searched google, etc and found nothing under that exact title.



[ Reply to This | # ]
Allow iCal subscriptions on secure servers
Authored by: nvdingo on Nov 11, '03 01:05:24PM

Okay, i got the book title wrong. Amazingly, i just managed to remember about my post yesterday when i got to the office today.

The book is called:
Linux Apache Web Server Administration.

and embarrassingly enough, it's not the book that has the WebDAV info in it. Too many tech books, they all start to run together.

Still, if you want to know how to play with apache config options and what implications they have, i highly recommend this book.

i did find a section on webdav in MacOS X Unleashed, but that's not the long description i was talking about.

I can't remember where i read it. sorry



[ Reply to This | # ]
WebDAV links
Authored by: nvdingo on Nov 11, '03 01:07:15PM

Since i can't remember the book i read it in, if anyone is interested in reading about webDAV, go to the source

http://www.webdav.org/



[ Reply to This | # ]
Allow iCal subscriptions on secure servers
Authored by: shneusk on Nov 11, '03 03:12:15PM

if WebDAV has security issues, why use it? instead of "publishing" your calendar, why not setup a cron job and a .netrc file to periodically upload your .ics files to a web server and let people subscribe to them there? you can even do your ftping through an ssh tunnel to make it secure



[ Reply to This | # ]
Allow iCal subscriptions on secure servers
Authored by: halmos on Nov 10, '03 12:18:37PM

Can someone maybe expound on some of the things that would be missing in the above steps if one was, say, just hit on the head by a meteor and who has not been using UNIX since the 60s? Thanks.



[ Reply to This | # ]
Allow iCal subscriptions on secure servers
Authored by: halmos on Nov 10, '03 12:21:02PM

Aah. Wrote mine as the one above was writing his. It certainly explains a bit of the troubles i'm having setting this up.



[ Reply to This | # ]
Allow iCal subscriptions on secure servers
Authored by: sthooker on Apr 12, '05 03:19:55PM

This is a cool idea, but 1) iCal still balks, and 2) I haven't tested this with all available browsers, but at least Safari will send the auth info in the clear first (if it has it in, say, the Keychain) before the HTTPS connection is made. This is consistent with the HTTP Auth behavior I've witnessed with other browsers in other circumstances, so while this is easier than having your clients edit their config files, it doesn't buy you complete security for the calendaring system. It'd be better if iCal supported HTTPS anyway. I mean: why not?



[ Reply to This | # ]
Allow iCal subscriptions on secure servers
Authored by: sthooker on Apr 12, '05 04:08:48PM
My bad: iCal doesn't support HTTPS to servers sporting self-signed SSL certificates. Important distinction. Still, a little annoying if you're just trying to publish your own on a sandbox webserver.

[ Reply to This | # ]