Harald, could you check if a configuration like:
UseCanonicalPhysicalPort on in the server or vhost mitigates the problem? Cheers, Stefan > Am 14.09.2017 um 12:00 schrieb Reindl Harald <h.rei...@thelounge.net>: > > > > Am 10.08.2017 um 18:22 schrieb Reindl Harald: >>> If you want to experiment... >>> <VirtualHost IP:80 IP:443> >>> is already recognized >> but with "SSLEngine On" and "SSLCertificateFile" configured non-https no >> longer would work > > OK, figured it out > > * you need the *first* vhost with "SSLEngine On" > * others can have "SSLEngine optional" and listen to 80 and 443 > > but there is a bug: https://bz.apache.org/bugzilla/show_bug.cgi?id=61519 > > if the trailing slash is missing in the url the automatic redirect to the > full qualified folder-path points to http:// instead https:// and that does > not happen within a vhost dedicated to :443 and "SSLEngine On" > > i was trapped in a endless loop because the php script making a redirect to > https:// had a bug and missed the traling / too > > <VirtualHost *:80 *:443> > DocumentRoot "/www/contentlounge" > ServerName contentlounge.rhsoft.net > SSLEngine optional > SSLCertificateFile "conf/ssl/rhsoft.net.pem" > </VirtualHost> > > [harry@srv-rhsoft:~]$ curl --head --insecure https://contentlounge/cms > HTTP/1.1 301 Moved Permanently > Date: Thu, 14 Sep 2017 09:40:27 GMT > X-DNS-Prefetch-Control: off > X-Content-Type-Options: nosniff > X-Response-Time: D=1311 us > Location: http://contentlounge/cms/ > Cache-Control: max-age=0 > Expires: Thu, 14 Sep 2017 09:40:27 GMT > Content-Type: text/html; charset=iso-8859-1
