howto use https in favour of http
nightrecon at hotmail.com
Tue Oct 27 03:40:19 UTC 2009
Steve Bertrand wrote:
> Alexander Best wrote:
>> Olivier Nicole schrieb am 2009-10-27:
>>>> i've added the following line to my /etc/hosts:
>>>> permail.uni-muenster.de:25 permail.uni-muenster.de:443
>>>> so what i want is for freebsd to never use http, but https for that
>>>> unfortunately hosts doesn't seem to support this syntax.
>> i'm not using a webserver or anything. i'm just a regular user. the point
>> is: i often forget to specify https://... for that specific address in
>> apps like lynx or firefox. that's why the non-ssl version of that site is
>> being loaded. i'd like freebsd to take care of this so even if the app is
>> trying to access the non-ssl version it should in fact be redirected to
>> the ssl version by freebsd.
> I thought that this is what you were originally after.
> FreeBSD, in itself, can't do this... much like Mac OS or Windows can't
> do this.
> Most applications such as Firefox can't even do this (inherently).
> If you are trying to enforce this as a personal/company policy, you will
> need to write a 'wrapper' around your application (lynx/firefox) to do
> Note that your example was :25->:443, which implied SMTP over SSL...
> Nonetheless, FreeBSD can't make these decisions inherently (thankfully).
I think the OP does not have a clear grasp on how the various protocols
operate. Evidenced by confusing http with mail services. Yes, I know there
is 'web mail', but even web based mail is still a web server.
It is up to the server operator to configure the services on the server end
of things. Whether its SMTP with SSL/TLS, HTTP/HTTPS, pop3 or imap with SSL,
etc., all of these things are made to work at the server end. True enough a
client may need to be configured to talk on port 995 for pop3/SSL or port
993 for IMAP/SSL but for the web a client shouldn't need to do anything.
The web server operator configures which locations in his URI space should
be served up on port 443, and the client's browser should automatically
switch to HTTPS based upon this. The OP doesn't seem to understand that he
doesn't need to make this happen on his end, at least as far as HTTP/HTTPS
If he is actually trying to configure a mail client to talk TLS or SSL to an
SMTP server, then he needs to tell the email client software this. E.g.,
"This connection requires encryption" and whether it is SSL or TLS. Mail
servers on port 25 do not use HTTP or HTTPS, but rather SMTP.
So it seems as if he is just very confused.
More information about the freebsd-questions