httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefan Eissing <stefan.eiss...@greenbytes.de>
Subject Re: Listen 443 https
Date Thu, 14 Sep 2017 13:31:55 GMT

> Am 14.09.2017 um 12:00 schrieb Reindl Harald <h.reindl@thelounge.net>:
> 
> 
> 
> Am 10.08.2017 um 18:22 schrieb Reindl Harald:
>>> If you want to experiment...
>>> <VirtualHost IP:80 IP:443>
>>> is already recognized
>> but with "SSLEngine On" and "SSLCertificateFile" configured non-https no longer would
work
> 
> OK, figured it out
> 
> * you need the *first* vhost with "SSLEngine On"
> * others can have "SSLEngine optional" and listen to 80 and 443
> 
> but there is a bug: https://bz.apache.org/bugzilla/show_bug.cgi?id=61519

This seems what ap_get_server_port() does right now which is used by ap_construct_url(), which
is used in the redirect.

As William pointed out already, server_rec->port is the culprit. Will look at it to see
if it can be salvaged, at least for the standard ports.

-Stefan


> if the trailing slash is missing in the url the automatic redirect to the full qualified
folder-path points to http:// instead https:// and that does not happen within a vhost dedicated
to :443 and "SSLEngine On"
> 
> i was trapped in a endless loop because the php script making a redirect to https://
had a bug and missed the traling / too
> 
> <VirtualHost *:80 *:443>
> DocumentRoot "/www/contentlounge"
> ServerName contentlounge.rhsoft.net
> SSLEngine optional
> SSLCertificateFile "conf/ssl/rhsoft.net.pem"
> </VirtualHost>
> 
> [harry@srv-rhsoft:~]$ curl --head --insecure https://contentlounge/cms
> HTTP/1.1 301 Moved Permanently
> Date: Thu, 14 Sep 2017 09:40:27 GMT
> X-DNS-Prefetch-Control: off
> X-Content-Type-Options: nosniff
> X-Response-Time: D=1311 us
> Location: http://contentlounge/cms/
> Cache-Control: max-age=0
> Expires: Thu, 14 Sep 2017 09:40:27 GMT
> Content-Type: text/html; charset=iso-8859-1


Mime
View raw message