https://bz.apache.org/bugzilla/show_bug.cgi?id=61519
--- Comment #13 from Eric Covener <[email protected]> --- (In reply to Reindl Harald from comment #12) > i doubt that "SSLengine optional" is STARTTLS, for sure not when you type > https:// in your browser - anyways, irrelevant, the port is just plain wrong > because with https:// the browser definitly don't connect to port 80 at all The manual says it's for starrtls, which you're not using, but it's what makes the absolute basics of your specific config appear to work until a redirect is generated. > and this all is a real problem because it introuces all sorts of hidden > troubles and currently the only solution would be configure the whole > <VirtualHost> twice which don't scale for larger setups It works for nearly everyone else. > > i don't know the internals but they should not be that complex to begin with > that in this context any problems can be triggered when a client just calls > "https://example.com/myfolder"; because the fact that it was https is > obviously known, the port itself is known on the network layer and > REQUEST_SCHEME is pretty simple known by the fact of "HTTPS on" is correct In the context of STARTTLS it seems reasonable. Optional was poorly named, but it was clearly never meant to be used for requests that already negotiated SSL at the connection level (in a default vhost). > what happens when you have <VirtualHost *:80 *:81 *:82> without https part > of the game? does then also 80 "win" and why when it's pretty simple to konw > the port by the fact that there is a socket connection and config-guessing > is pretty useless because of that No, the port or absence of a port in the Host: header "wins". Even getting the port right is surprisingly not as simple as you'd think. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
