httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Reindl Harald <h.rei...@thelounge.net>
Subject Re: Listen 443 https
Date Thu, 14 Sep 2017 10:00:20 GMT


Am 10.08.2017 um 18:22 schrieb Reindl Harald:
>> If you want to experiment...
>> <VirtualHost IP:80 IP:443>
>> is already recognized
> 
> but with "SSLEngine On" and "SSLCertificateFile" configured non-https no 
> longer would work

OK, figured it out

* you need the *first* vhost with "SSLEngine On"
* others can have "SSLEngine optional" and listen to 80 and 443

but there is a bug: https://bz.apache.org/bugzilla/show_bug.cgi?id=61519

if the trailing slash is missing in the url the automatic redirect to 
the full qualified folder-path points to http:// instead https:// and 
that does not happen within a vhost dedicated to :443 and "SSLEngine On"

i was trapped in a endless loop because the php script making a redirect 
to https:// had a bug and missed the traling / too

<VirtualHost *:80 *:443>
  DocumentRoot "/www/contentlounge"
  ServerName contentlounge.rhsoft.net
  SSLEngine optional
  SSLCertificateFile "conf/ssl/rhsoft.net.pem"
</VirtualHost>

[harry@srv-rhsoft:~]$ curl --head --insecure https://contentlounge/cms
HTTP/1.1 301 Moved Permanently
Date: Thu, 14 Sep 2017 09:40:27 GMT
X-DNS-Prefetch-Control: off
X-Content-Type-Options: nosniff
X-Response-Time: D=1311 us
Location: http://contentlounge/cms/
Cache-Control: max-age=0
Expires: Thu, 14 Sep 2017 09:40:27 GMT
Content-Type: text/html; charset=iso-8859-1

Mime
View raw message