Failed to redirect http to https
Hi Support, I setup stunnel to a web server with apache Configuration like below, --- /usr/local/etc/stunnel/stunnel.conf ---------- ; It is recommended to drop root privileges if stunnel is started by root setuid = nobody setgid = nobody ; TLS front-end to a web server [https] accept = 443 connect = 127.0.0.1:80 cert = /usr/local/etc/stunnel/stunnel.pem --- end of /usr/local/etc/stunnel/stunnel.conf ---------- After stunnel started, https://xxx/ is working, http://xxx/ is also still working , which doesn't redirect to https://xxx automatically. As my understanding, all the connections from http should redirect to https through stunnel, right? What steps did I miss? I need your help. Thanks. [Ericsson]<http://www.ericsson.com/> DORIS HONGMEI Software Configuration Mgmt Engineer BUSS SA OSS&BSS BL CPM DU SEP GZ RelGrp Ericsson 5&6F, No 44-46 Jianzhong Road 510630,Guangzhou,Tian He Software Park, China Mobile +8613922114721 Office +862085117729 [email protected] www.ericsson.com [http://www.ericsson.com/current_campaign]<http://www.ericsson.com/current_campaign> Legal entity: Ericsson, registered office in CGC . This Communication is Confidential. We only send and receive email on the basis of the terms set out at www.ericsson.com/email_disclaimer<http://www.ericsson.com/email_disclaimer>
On Mon, 2016-06-27 04:02:24 +0000, Doris Hongmei wrote:
Hi Support, I setup stunnel to a web server with apache Configuration like below, --- /usr/local/etc/stunnel/stunnel.conf ---------- ; It is recommended to drop root privileges if stunnel is started by root setuid = nobody setgid = nobody
; TLS front-end to a web server [https] accept = 443 connect = 127.0.0.1:80 cert = /usr/local/etc/stunnel/stunnel.pem
--- end of /usr/local/etc/stunnel/stunnel.conf ----------
After stunnel started, https://xxx/ is working, http://xxx/ is also still working , which doesn't redirect to https://xxx automatically. As my understanding, all the connections from http should redirect to https through stunnel, right?
What steps did I miss? I need your help.
Doris, Stunnel does not change the setup of your web server. If you don't want http://xxx to work, you'll have to change the web server's configuration. It should make it either stop listening on external interfaces (by binding it to 127.0.0.1), or let /the web server/ redirect all inbound traffic (traffic not originated by 127.0.0.1) to HTTPS. HTH, Ludolf -- Ludolf Holzheid Bihl+Wiedemann GmbH Floßwörthstraße 41 68199 Mannheim, Germany Tel: +49 621 33996-0 Fax: +49 621 3392239 mailto:[email protected] http://www.bihl-wiedemann.de Sitz der Gesellschaft: Mannheim Geschäftsführer: Jochen Bihl, Bernhard Wiedemann Amtsgericht Mannheim, HRB 5796
I got it, Thanks. BR// Doris -----Original Message----- From: stunnel-users [mailto:[email protected]] On Behalf Of Ludolf Holzheid Sent: Monday, June 27, 2016 2:37 PM To: [email protected] Subject: Re: [stunnel-users] Failed to redirect http to https On Mon, 2016-06-27 04:02:24 +0000, Doris Hongmei wrote:
Hi Support, I setup stunnel to a web server with apache Configuration like below, --- /usr/local/etc/stunnel/stunnel.conf ---------- ; It is recommended to drop root privileges if stunnel is started by root setuid = nobody setgid = nobody
; TLS front-end to a web server [https] accept = 443 connect = 127.0.0.1:80 cert = /usr/local/etc/stunnel/stunnel.pem
--- end of /usr/local/etc/stunnel/stunnel.conf ----------
After stunnel started, https://xxx/ is working, http://xxx/ is also still working , which doesn't redirect to https://xxx automatically. As my understanding, all the connections from http should redirect to https through stunnel, right?
What steps did I miss? I need your help.
Doris, Stunnel does not change the setup of your web server. If you don't want http://xxx to work, you'll have to change the web server's configuration. It should make it either stop listening on external interfaces (by binding it to 127.0.0.1), or let /the web server/ redirect all inbound traffic (traffic not originated by 127.0.0.1) to HTTPS. HTH, Ludolf -- Ludolf Holzheid Bihl+Wiedemann GmbH Floßwörthstraße 41 68199 Mannheim, Germany Tel: +49 621 33996-0 Fax: +49 621 3392239 mailto:[email protected] http://www.bihl-wiedemann.de Sitz der Gesellschaft: Mannheim Geschäftsführer: Jochen Bihl, Bernhard Wiedemann Amtsgericht Mannheim, HRB 5796 _______________________________________________ stunnel-users mailing list [email protected] https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
participants (2)
-
Doris Hongmei -
Ludolf Holzheid