Date: Thu, 22 May 2003 19:27:06 +0300 From: ODHIAMBO Washington <wash@wananchi.com> To: Chuck Swiger <cswiger@mac.com> Cc: freebsd-questions@freebsd.org Subject: Re: For the experienced - stunnel and port 80 Message-ID: <20030522162706.GQ96496@ns2.wananchi.com> In-Reply-To: <3ECCF9AF.9010607@mac.com> References: <20030522134300.GH96496@ns2.wananchi.com> <3ECCF9AF.9010607@mac.com>
next in thread | previous in thread | raw e-mail | index | archive | help
* Chuck Swiger <cswiger@mac.com> [20030522 19:24]: wrote: > ODHIAMBO Washington wrote: > >I am running apache+modssl on port 443. I want stunnel to listen on port > >80, > >and then connect to port 443 instead, so that the users can just type > >www.domain.tld and not https://www.domain.tld. > [ ... ] > >sockstat -l shows stunnel listening on port 80, but in the life of me, I > >cannot just connect to that box if I do not use https://.... > > HTTP doesn't have the equivalent of STARTTLS for negotiating SSL over a > plain HTTP connection; you have to specify https:// in the URL. Your > attempted use of stunnel isn't going to do anything useful in terms of > encrypting the connections between the client and web server. > > To solve the original problem, create seperate virtual domains for the > site on port 80 and 443, and in the virutal section for the port-80 > version do a: > > Redirect permanent / https://www.domain.tld I have suspected all along that this would be the answer!! Thank you so much. I am now set. Best regards, Odhiambo Washington Wananchi Online Ltd. ___W_A_N_A_N_C_H_I__O_N_L_I_N_E__L_T_D___The People's Choice______ Wananchi Head Office |*| Tel: +254 2 313 985-9 1st Flr Loita, Loita St.|*| Fax: +254 2 313 922 10286-GPO, NAIROBI, KE |*| e-mail: <wash at wananchi dot com> ------------------------------------------------------------------ ++ Thy Word is a lamp unto my feet and a light unto my path. Psalms 119:105
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030522162706.GQ96496>