From owner-freebsd-questions@FreeBSD.ORG Thu May 22 09:27:25 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B814B37B407 for ; Thu, 22 May 2003 09:27:25 -0700 (PDT) Received: from ns2.wananchi.com (ns2.wananchi.com [62.8.64.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id 45D4143F3F for ; Thu, 22 May 2003 09:27:24 -0700 (PDT) (envelope-from wash@wananchi.com) Received: from wash by ns2.wananchi.com with local (Exim 4.20 #5 (FreeBSD)) id 19IsuI-000CUe-5g; Thu, 22 May 2003 19:27:06 +0300 Date: Thu, 22 May 2003 19:27:06 +0300 From: ODHIAMBO Washington To: Chuck Swiger Message-ID: <20030522162706.GQ96496@ns2.wananchi.com> Mail-Followup-To: ODHIAMBO Washington , Chuck Swiger , freebsd-questions@freebsd.org References: <20030522134300.GH96496@ns2.wananchi.com> <3ECCF9AF.9010607@mac.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <3ECCF9AF.9010607@mac.com> X-Disclaimer: Any views expressed in this message,where not explicitly attributed otherwise, are mine alone!. X-Fortune: Broad-mindedness, n.: The result of flattening high-mindedness out. X-Operating-System: FreeBSD 4.8-STABLE i386 X-Best-Window-Manager: Blackbox X-Mailer: Mutt 1.5.3i (2002-12-17) X-Designation: Systems Administrator, Wananchi Online Ltd. X-Location: Nairobi, KE, East Africa. X-Uptime: 7:26PM up 5 days, 19:36, 4 users, load averages: 0.22, 0.25, 0.33 User-Agent: Mutt/1.5.3i X-SA-Exim-Mail-From: wash@wananchi.com X-SA-Exim-Scanned: No; SAEximRunCond expanded to false cc: freebsd-questions@freebsd.org Subject: Re: For the experienced - stunnel and port 80 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 May 2003 16:27:26 -0000 * Chuck Swiger [20030522 19:24]: wrote: > ODHIAMBO Washington wrote: > >I am running apache+modssl on port 443. I want stunnel to listen on port > >80, > >and then connect to port 443 instead, so that the users can just type > >www.domain.tld and not https://www.domain.tld. > [ ... ] > >sockstat -l shows stunnel listening on port 80, but in the life of me, I > >cannot just connect to that box if I do not use https://.... > > HTTP doesn't have the equivalent of STARTTLS for negotiating SSL over a > plain HTTP connection; you have to specify https:// in the URL. Your > attempted use of stunnel isn't going to do anything useful in terms of > encrypting the connections between the client and web server. > > To solve the original problem, create seperate virtual domains for the > site on port 80 and 443, and in the virutal section for the port-80 > version do a: > > Redirect permanent / https://www.domain.tld I have suspected all along that this would be the answer!! Thank you so much. I am now set. Best regards, Odhiambo Washington Wananchi Online Ltd. ___W_A_N_A_N_C_H_I__O_N_L_I_N_E__L_T_D___The People's Choice______ Wananchi Head Office |*| Tel: +254 2 313 985-9 1st Flr Loita, Loita St.|*| Fax: +254 2 313 922 10286-GPO, NAIROBI, KE |*| e-mail: ------------------------------------------------------------------ ++ Thy Word is a lamp unto my feet and a light unto my path. Psalms 119:105