For the experienced - stunnel and port 80
Chuck Swiger
cswiger at mac.com
Thu May 22 09:24:19 PDT 2003
ODHIAMBO Washington wrote:
> I am running apache+modssl on port 443. I want stunnel to listen on port 80,
> and then connect to port 443 instead, so that the users can just type
> www.domain.tld and not https://www.domain.tld.
[ ... ]
> sockstat -l shows stunnel listening on port 80, but in the life of me, I
> cannot just connect to that box if I do not use https://....
HTTP doesn't have the equivalent of STARTTLS for negotiating SSL over a
plain HTTP connection; you have to specify https:// in the URL. Your
attempted use of stunnel isn't going to do anything useful in terms of
encrypting the connections between the client and web server.
To solve the original problem, create seperate virtual domains for the
site on port 80 and 443, and in the virutal section for the port-80
version do a:
Redirect permanent / https://www.domain.tld
-Chuck
More information about the freebsd-questions
mailing list