Date: Thu, 22 May 2003 15:44:19 +0100 (BST) From: Jan Grant <Jan.Grant@bristol.ac.uk> To: ODHIAMBO Washington <wash@wananchi.com> Cc: freebsd-questions@freebsd.org Subject: Re: For the experienced - stunnel and port 80 Message-ID: <Pine.GSO.4.44.0305221540580.9794-100000@mail.ilrt.bris.ac.uk> In-Reply-To: <20030522134300.GH96496@ns2.wananchi.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 22 May 2003, ODHIAMBO Washington wrote: > For those who have lived in the world of paranoia long enough, please welcome > me to that side of life ;) > > I am running apache+modssl on port 443. I want stunnel to listen on port 80, > and then connect to port 443 instead, so that the users can just type > www.domain.tld and not https://www.domain.tld. > > I have put this in stunnel.conf > > [https] > accept = 80 > connect = localhost:443 > > > sockstat -l shows stunnel listening on port 80, but in the life of me, I > cannot just connect to that box if I do not use https://.... > > Can someone bail me out here with advise?? Your browser is trying to talk HTTP because it thinks it's connecting to an SSL-less socket. If you want this to behave properly you ought to configure your apache to redirect non-SSL (ie, port 80) requests to your SSL site. There are a number of ways you can do this (preserving any path passed as part of the request or redirecting to the root of https://www.blah.../) - the httpd documentation for mod_alias and the "Redirect" directive are what you're after. -- jan grant, ILRT, University of Bristol. http://www.ilrt.bris.ac.uk/ Tel +44(0)117 9287088 Fax +44 (0)117 9287112 http://ioctl.org/jan/ (Things I've found in my attic, #2: A hundredweight of pornography.)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.GSO.4.44.0305221540580.9794-100000>