Linux - Server This forum is for the discussion of Linux Software used in a server related context. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
|
03-22-2011, 11:18 AM
|
#1
|
Member
Registered: Jul 2010
Posts: 126
Rep:
|
HTTP to HTTPS on the same port
Hi,
I want to ENABLE SSL on a PORT 2222 :
Listen 2222
<VirtualHost *:2222>
ServerName localhost
DocumentRoot /usr/local/path
SSLEngine on
SSLCertificateFile /usr/local/path/conf/path.crt
SSLCertificateKeyFile /usr/local/path/conf/path.key
SSLCertificateChainFile /usr/local/path/conf/path-bundle.crt
</VirtualHost>
Now this works fine. But I also want the HTTP URL to work and redirect it to HTTPS.
When I visit http://IP:2222 I get :
Quote:
Bad Request
Your browser sent a request that this server could not understand.
Reason: You're speaking plain HTTP to an SSL-enabled server port.
Instead use the HTTPS scheme to access this URL, please.
Hint: https://localhost/
|
How should I make this request of http://IP:2222 REDIRECT to https://IP:2222
Last edited by vzxen; 03-22-2011 at 11:19 AM.
|
|
|
03-22-2011, 11:25 AM
|
#2
|
Member
Registered: Feb 2011
Location: LA, US
Distribution: SLES
Posts: 375
Rep:
|
It's not possible to have http and https on the same port, because different port assignments are the only way the server knows which language to speak.
|
|
|
03-22-2011, 11:40 AM
|
#3
|
Member
Registered: Jun 2007
Location: South Africa
Distribution: Linux Mint,Fedora, openSUSE, RHEL, SLES, Scientific Linux
Posts: 71
Rep:
|
Both the browser and the server will be confused by this. The browser sends a HTTP request, the server then gets an invalid HTTPS request, so it's not strange you get HTTP error 400 (bad request).
Instead, use mod_rewrite on the Apache server to force HTTPS. Something like:
RewriteCond %{SERVER_PORT}!^443$
RewriteRule ^(.*)$ https://www.domain.com
|
|
|
03-22-2011, 02:30 PM
|
#4
|
Member
Registered: Jul 2010
Posts: 126
Original Poster
Rep:
|
Hi,
I tried the RewriteRules but its not working !
Code:
Listen 2222
<VirtualHost *:2222>
ServerName localhost
DocumentRoot /usr/local/path
SSLEngine on
SSLCertificateFile /usr/local/path/conf/path.crt
SSLCertificateKeyFile /usr/local/path/conf/path.key
SSLCertificateChainFile /usr/local/path/conf/path-bundle.crt
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^http\:(.*)$ https:$1 [P]
</VirtualHost>
Any idea ???
Is it not POSSIBLE to send a REDIRECT Header to point them https://ip:2222/
|
|
|
03-22-2011, 02:40 PM
|
#5
|
Member
Registered: Jun 2007
Location: South Africa
Distribution: Linux Mint,Fedora, openSUSE, RHEL, SLES, Scientific Linux
Posts: 71
Rep:
|
Have you installed mod_rewrite?
/usr/lib/httpd/modules/mod_rewrite.so
Basically, your client's requests for http:// is converted to https://
I use that when I want to force https://
|
|
|
03-22-2011, 02:57 PM
|
#6
|
LQ Newbie
Registered: Nov 2010
Location: Poland
Distribution: Debian
Posts: 20
Rep:
|
Why not use iptables REDIRECT 80/tcp -> 2222/tcp?
|
|
|
03-22-2011, 03:10 PM
|
#7
|
Member
Registered: Jul 2010
Posts: 126
Original Poster
Rep:
|
Hi,
mod_rewrite is enabled.
Had it not been Apache would have not started right ?
IPTABLES is not what I want to play with for this.
How should I redirect the Browser ?
Is there something wrong in My Virtualhost ?
|
|
|
03-22-2011, 03:23 PM
|
#8
|
Member
Registered: Mar 2011
Location: Rome - Italy
Distribution: Slackware 13.1
Posts: 347
Rep:
|
Try
Code:
Listen 2222
<VirtualHost *:2222>
ServerName localhost
DocumentRoot /usr/local/path
SSLEngine on
SSLCertificateFile /usr/local/path/conf/path.crt
SSLCertificateKeyFile /usr/local/path/conf/path.key
SSLCertificateChainFile /usr/local/path/conf/path-bundle.crt
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R,L]
</VirtualHost>
|
|
|
03-23-2011, 04:01 AM
|
#9
|
Member
Registered: Jul 2010
Posts: 126
Original Poster
Rep:
|
Hi,
@Slackyman even that is now working
How should we do this ?
Is it not possible to enable SSLEngine on condition of :
%{HTTPS} on
Last edited by vzxen; 03-23-2011 at 04:11 AM.
|
|
|
03-23-2011, 11:25 AM
|
#10
|
Member
Registered: Jul 2010
Posts: 126
Original Poster
Rep:
|
Hi,
Please can someone help me.
My apache error logs also does not show anything.
|
|
|
03-23-2011, 01:35 PM
|
#11
|
LQ Guru
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 13,214
|
Hi,
You should put the rewrite stuff in a .htaccess in the DocumentRoot (/usr/local/path), or inside a <Directory /usr/local/path>...</Directory> stanza in httpd.conf
Regards
|
|
|
03-24-2011, 04:31 AM
|
#12
|
Member
Registered: Mar 2011
Location: Rome - Italy
Distribution: Slackware 13.1
Posts: 347
Rep:
|
Quote:
Originally Posted by vzxen
Hi,
@Slackyman even that is now working
How should we do this ?
Is it not possible to enable SSLEngine on condition of :
%{HTTPS} on
|
Sorry, maybe I was drunk
|
|
|
03-24-2011, 08:02 AM
|
#13
|
Member
Registered: Jul 2010
Posts: 126
Original Poster
Rep:
|
Hi,
@bathory
Quote:
Listen 2222
<VirtualHost *:2222>
ServerName localhost
DocumentRoot /usr/local/path
SSLEngine on
SSLCertificateFile /usr/local/path/conf/path.crt
SSLCertificateKeyFile /usr/local/path/conf/path.key
SSLCertificateChainFile /usr/local/path/conf/path-bundle.crt
<Directory /usr/local/virtualizor>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R,L]
</Directory>
</VirtualHost>
|
I still get the 400 bad request.
|
|
|
03-24-2011, 08:14 AM
|
#14
|
LQ Guru
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 13,214
|
Quote:
Originally Posted by vzxen
Hi,
@bathory
I still get the 400 bad request.
|
You must not put it in the ssl vhost definition.
It's supposed to work with the non-ssl server, so when you get a http request, so it turns it into https
|
|
|
03-24-2011, 11:24 AM
|
#15
|
Member
Registered: Jan 2010
Posts: 418
Rep:
|
|
|
|
All times are GMT -5. The time now is 08:52 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|