httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefan Eissing <stefan.eiss...@greenbytes.de>
Subject Listen 443 https
Date Thu, 10 Aug 2017 13:28:44 GMT
Now that mod_md has landed in trunk, I am looking at more ways 
to simplify a SSL configuration. Looking at the Listen directive,
it has an optional 2nd protocol parameter.

Would it be unreasonable to assume that a
    Listen NNN https

means that "SSLEngine on" should be the default in all
    <VirtualHost *:NNN>
       ServerName xxx.yyy
       ...
    </VirtualHost>

sections? Would we expect breakage by such a change?

What about name-based virtual hosts that apply to _all_ 
addresses and ports? E.g. something like:
    <VirtualHost>
       ServerName xxx.yyy
       ...
       <If "%{HTTPS} != 'on'">
          Redirect permanent "/" "https://xxx.yyy/"
       </If>
       ...
    </VirtualHost>

Do you find that ugly/feasible/desirable?

-Stefan

Mime
View raw message