http->https redirect problem on Apache

Toggle sidebar Toggle sidebar
S

screw3d

Diamond Member
Nov 6, 2001
6,906
1
76
I have Apache/2.0.59, mod_ssl/2.0.59, OpenSSL/0.9.8d with HTTP running on port 8000 and SSL running at port 9000.

Right now, I have mod_rewrite set up such that http://hostname:8000/ redirects to https://hostname:9000/ just fine.

However, if I do http://hostname:9000/, I will get a 400 Bad Request page:

---
Bad Request

Your browser sent a request that this server could not understand.
Reason: You're speaking plain HTTP to an SSL-enabled server port.
Instead use the HTTPS scheme to access this URL, please.

Hint: https://hostname:9000/
---

It looks like this page will only appear if I use HTTP and explicitly specify the SSL port number, which I have to when I'm using port 9000. For example, on my other test server, http://hostname/ will redirect to https://hostname/ just fine, but http://hostname:443/ will give me the above error.

Relevant httpd.conf lines:
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*)$ https://%{SERVER_NAME}$1 [L,R=301]

So how can I make this redirect work? Thanks.
 
S

screw3d

Diamond Member
Nov 6, 2001
6,906
1
76
Originally posted by: DaiShan
Your redirect works, your ssl works, but you are trying to run non-ssl traffic on the ssl port, which will not work. You have to type https://hostname:9000 http://hostname:9000 will not work, as the error message already told you...
Click to expand...

Yes, I already know that. My actual question is if there's way around that. Sorry if that's not clear enough.
 
N

nweaver

Diamond Member
Jan 21, 2001
6,813
1
0
I don't think so...


You are making a request (NON SSL) to an SSL port, and it' refused to reply.


In the first example, you are making a NON SSL request to a NON SSL port, and get redirected to the SSL port, using SSL.


make sense?
 
S

spidey07

No Lifer
Aug 4, 2000
65,469
5
76
Originally posted by: screw3d
Originally posted by: DaiShan
Your redirect works, your ssl works, but you are trying to run non-ssl traffic on the ssl port, which will not work. You have to type https://hostname:9000 http://hostname:9000 will not work, as the error message already told you...
Click to expand...

Yes, I already know that. My actual question is if there's way around that. Sorry if that's not clear enough.
Click to expand...

No.

It's like speaking spanish to somebody who is only listening for and understands english. won't work. HTTP and HTTPS are completely different protocols.
 
kamper

kamper

Diamond Member
Mar 18, 2003
5,513
0
0
What exactly are you trying to do? It seems to me like you're trying to force a client to use https for certain urls, but doesn't mod_rewrite work entirely on the server side? (Hence the request would still go over the interweb on port 8000). Sorry if I completely misunderstood...
 
S

screw3d

Diamond Member
Nov 6, 2001
6,906
1
76
Originally posted by: kamper
What exactly are you trying to do? It seems to me like you're trying to force a client to use https for certain urls, but doesn't mod_rewrite work entirely on the server side? (Hence the request would still go over the interweb on port 8000). Sorry if I completely misunderstood...
Click to expand...

I want all requests on that host to use HTTPS. I thought that there's some directive out there that can just perform a simple redirect.. but that 400 page is hardcoded in the binary :/

Originally posted by: spidey07
No.

It's like speaking spanish to somebody who is only listening for and understands english. won't work. HTTP and HTTPS are completely different protocols.
Click to expand...
Going with your analogy, what if you have something like - if you understand English, fine, if you hear anything other than English, then perform this action anyway.

So I was just thinking - if the SSL port gets a HTTP request (or anything else), it doesn't matter if it doesn't understand HTTP, just do the redirect based on the URL.

Thanks for the patience guys.. it's not a big deal at all but this thing has bugged me for a while.. and I don't take no for an answer godamnit :p
 
N

nweaver

Diamond Member
Jan 21, 2001
6,813
1
0
The problem is, you can't do that...

are you going to redirect my SMTP request to your SSL port?

How about my malformed RDP request?

the thing is, you either CAN speak or you CAN'T...the reason that the redirection mod works is that it reads and understands the HTTP protocol, and tells it "Yes, I understand, go talk to my brother, SSL" If you can't speak to it (i.e. http) then you cannot tell it where to go.
 
kamper

kamper

Diamond Member
Mar 18, 2003
5,513
0
0
Originally posted by: screw3d
Originally posted by: kamper
What exactly are you trying to do? It seems to me like you're trying to force a client to use https for certain urls, but doesn't mod_rewrite work entirely on the server side? (Hence the request would still go over the interweb on port 8000). Sorry if I completely misunderstood...
Click to expand...
I want all requests on that host to use HTTPS.
Click to expand...
But the client is not using https, which completely defeats the purpose, doesn't it?
 
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom