Date:      Thu, 22 May 2003 12:24:15 -0400
From:      Chuck Swiger <cswiger@mac.com>
To:        ODHIAMBO Washington <wash@wananchi.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: For the experienced - stunnel and port 80
Message-ID:  <3ECCF9AF.9010607@mac.com>
In-Reply-To: <20030522134300.GH96496@ns2.wananchi.com>
References:  <20030522134300.GH96496@ns2.wananchi.com>

ODHIAMBO Washington wrote:
> I am running apache+modssl on port 443. I want stunnel to listen on port 80,
> and then connect to port 443 instead, so that the users can just type
> www.domain.tld and not https://www.domain.tld.
[ ... ]
> sockstat -l shows stunnel listening on port 80, but in the life of me, I
> cannot just connect to that box if I do not use https://.... 

HTTP doesn't have the equivalent of STARTTLS for negotiating SSL over a 
plain HTTP connection; you have to specify https:// in the URL.  Your 
attempted use of stunnel isn't going to do anything useful in terms of 
encrypting the connections between the client and web server.

To solve the original problem, create separate virtual domains for the 
site on port 80 and 443, and in the virtual section for the port-80 
version do a:

Redirect permanent / https://www.domain.tld

-Chuck
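
The two-virtual-host layout described in the reply above, written out as an added example; it is not part of the original message. The hostname is the thread's www.domain.tld, and the document root and certificate paths are placeholders.

```apache
# Added example. Paths below are placeholders; adjust to the local install.
# Assumes httpd.conf already has Listen directives for ports 80 and 443
# and that mod_ssl is loaded.

# Plain-HTTP virtual host: serves no content, only redirects.
<VirtualHost *:80>
    ServerName www.domain.tld
    # The trailing slash on the target matters: Redirect appends whatever
    # follows the matched "/" to the target URL, so a request for
    # /docs/a.html is sent to https://www.domain.tld/docs/a.html.
    Redirect permanent / https://www.domain.tld/
</VirtualHost>

# TLS virtual host (mod_ssl): the only place content is served from.
<VirtualHost *:443>
    ServerName www.domain.tld
    DocumentRoot /path/to/document/root
    SSLEngine on
    SSLCertificateFile    /path/to/server.crt
    SSLCertificateKeyFile /path/to/server.key
</VirtualHost>
```

The stunnel listener on port 80 has to be stopped before Apache can bind that port. After a restart, `curl -I http://www.domain.tld/` should show a 301 response whose Location header points at the https:// URL.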



