LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 03-22-2011, 11:18 AM   #1
vzxen
Member
 
Registered: Jul 2010
Posts: 126

Rep: Reputation: 4
HTTP to HTTPS on the same port


Hi,

I want to ENABLE SSL on a PORT 2222 :
Listen 2222
<VirtualHost *:2222>
ServerName localhost
DocumentRoot /usr/local/path
SSLEngine on
SSLCertificateFile /usr/local/path/conf/path.crt
SSLCertificateKeyFile /usr/local/path/conf/path.key
SSLCertificateChainFile /usr/local/path/conf/path-bundle.crt
</VirtualHost>

Now this works fine. But I also want the HTTP URL to work and redirect it to HTTPS.
When I visit http://IP:2222 I get :

Quote:
Bad Request

Your browser sent a request that this server could not understand.
Reason: You're speaking plain HTTP to an SSL-enabled server port.
Instead use the HTTPS scheme to access this URL, please.

Hint: https://localhost/
How should I make this request of http://IP:2222 REDIRECT to https://IP:2222

Last edited by vzxen; 03-22-2011 at 11:19 AM.
 
Old 03-22-2011, 11:25 AM   #2
SL00b
Member
 
Registered: Feb 2011
Location: LA, US
Distribution: SLES
Posts: 375

Rep: Reputation: 112Reputation: 112
It's not possible to have http and https on the same port, because different port assignments are the only way the server knows which language to speak.
 
Old 03-22-2011, 11:40 AM   #3
rgdacosta
Member
 
Registered: Jun 2007
Location: South Africa
Distribution: Linux Mint,Fedora, openSUSE, RHEL, SLES, Scientific Linux
Posts: 71

Rep: Reputation: 25
Both the browser and the server will be confused by this. The browser sends a HTTP request, the server then gets an invalid HTTPS request, so it's not strange you get HTTP error 400 (bad request).

Instead, use mod_rewrite on the Apache server to force HTTPS. Something like:

RewriteCond %{SERVER_PORT}!^443$
RewriteRule ^(.*)$ https://www.domain.com
 
Old 03-22-2011, 02:30 PM   #4
vzxen
Member
 
Registered: Jul 2010
Posts: 126

Original Poster
Rep: Reputation: 4
Hi,

I tried the RewriteRules but its not working !
Code:
Listen 2222
<VirtualHost *:2222>
ServerName localhost
DocumentRoot /usr/local/path
SSLEngine on
SSLCertificateFile /usr/local/path/conf/path.crt
SSLCertificateKeyFile /usr/local/path/conf/path.key
SSLCertificateChainFile /usr/local/path/conf/path-bundle.crt

RewriteEngine On 
RewriteCond %{HTTPS} off 
RewriteRule ^http\:(.*)$ https:$1 [P]

</VirtualHost>
Any idea ???
Is it not POSSIBLE to send a REDIRECT Header to point them https://ip:2222/
 
Old 03-22-2011, 02:40 PM   #5
rgdacosta
Member
 
Registered: Jun 2007
Location: South Africa
Distribution: Linux Mint,Fedora, openSUSE, RHEL, SLES, Scientific Linux
Posts: 71

Rep: Reputation: 25
Have you installed mod_rewrite?

/usr/lib/httpd/modules/mod_rewrite.so

Basically, your client's requests for http:// is converted to https://

I use that when I want to force https://
 
Old 03-22-2011, 02:57 PM   #6
grzesiek
LQ Newbie
 
Registered: Nov 2010
Location: Poland
Distribution: Debian
Posts: 20

Rep: Reputation: 0
Why not use iptables REDIRECT 80/tcp -> 2222/tcp?
 
Old 03-22-2011, 03:10 PM   #7
vzxen
Member
 
Registered: Jul 2010
Posts: 126

Original Poster
Rep: Reputation: 4
Hi,

mod_rewrite is enabled.
Had it not been Apache would have not started right ?
IPTABLES is not what I want to play with for this.

How should I redirect the Browser ?
Is there something wrong in My Virtualhost ?
 
Old 03-22-2011, 03:23 PM   #8
Slackyman
Member
 
Registered: Mar 2011
Location: Rome - Italy
Distribution: Slackware 13.1
Posts: 347

Rep: Reputation: 44
Try
Code:
Listen 2222
<VirtualHost *:2222>
ServerName localhost
DocumentRoot /usr/local/path
SSLEngine on
SSLCertificateFile /usr/local/path/conf/path.crt
SSLCertificateKeyFile /usr/local/path/conf/path.key
SSLCertificateChainFile /usr/local/path/conf/path-bundle.crt
RewriteEngine On 
RewriteCond %{HTTPS} off 
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R,L]
</VirtualHost>
 
Old 03-23-2011, 04:01 AM   #9
vzxen
Member
 
Registered: Jul 2010
Posts: 126

Original Poster
Rep: Reputation: 4
Hi,

@Slackyman even that is now working
How should we do this ?

Is it not possible to enable SSLEngine on condition of :
%{HTTPS} on

Last edited by vzxen; 03-23-2011 at 04:11 AM.
 
Old 03-23-2011, 11:25 AM   #10
vzxen
Member
 
Registered: Jul 2010
Posts: 126

Original Poster
Rep: Reputation: 4
Hi,

Please can someone help me.
My apache error logs also does not show anything.
 
Old 03-23-2011, 01:35 PM   #11
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 13,214
Blog Entries: 1

Rep: Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067
Hi,

You should put the rewrite stuff in a .htaccess in the DocumentRoot (/usr/local/path), or inside a <Directory /usr/local/path>...</Directory> stanza in httpd.conf

Regards
 
Old 03-24-2011, 04:31 AM   #12
Slackyman
Member
 
Registered: Mar 2011
Location: Rome - Italy
Distribution: Slackware 13.1
Posts: 347

Rep: Reputation: 44
Quote:
Originally Posted by vzxen View Post
Hi,

@Slackyman even that is now working
How should we do this ?

Is it not possible to enable SSLEngine on condition of :
%{HTTPS} on
Sorry, maybe I was drunk
 
Old 03-24-2011, 08:02 AM   #13
vzxen
Member
 
Registered: Jul 2010
Posts: 126

Original Poster
Rep: Reputation: 4
Hi,

@bathory
Quote:
Listen 2222
<VirtualHost *:2222>
ServerName localhost
DocumentRoot /usr/local/path
SSLEngine on
SSLCertificateFile /usr/local/path/conf/path.crt
SSLCertificateKeyFile /usr/local/path/conf/path.key
SSLCertificateChainFile /usr/local/path/conf/path-bundle.crt
<Directory /usr/local/virtualizor>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R,L]
</Directory>
</VirtualHost>
I still get the 400 bad request.
 
Old 03-24-2011, 08:14 AM   #14
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 13,214
Blog Entries: 1

Rep: Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067Reputation: 2067
Quote:
Originally Posted by vzxen View Post
Hi,

@bathory


I still get the 400 bad request.
You must not put it in the ssl vhost definition.
It's supposed to work with the non-ssl server, so when you get a http request, so it turns it into https
 
Old 03-24-2011, 11:24 AM   #15
16pide
Member
 
Registered: Jan 2010
Posts: 418

Rep: Reputation: 83
I believe the solution is described in http://webdesign.about.com/od/metata.../aa080300a.htm
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] I can no longer access Smoothwall admin GUI (https port 441, or http port81) NZPenningtons Linux - Software 2 03-18-2013 09:40 AM
http and https wennie Linux - Software 1 04-01-2005 12:47 PM
turn off http port 80, keep https port 443 lothario Linux - Networking 6 02-11-2005 05:06 AM
HTTP to HTTPS shegde Linux - Software 8 01-31-2003 05:29 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 08:52 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration