Hello, On 2018-03-29 04:16, Stefan Eissing wrote: > Besides, except for data center setups, Apache will be used *only* > with https: (and http: redirects to https:) very, very soon. That > shifts the average expertise of an admin setting up a https: site.
This statement makes me a bit nervous. Are you saying that there won't
be a way to use Apache with http anymore? (Since I don't know what a
data center setup entails that is - new directive, http only setup, ...)
Also, the 'will be used' part is a bit puzzling. This part rather
suggests that all users will magically only use https from that point
forward. Or was it meant as "Apache will only use https anymore"?
I'm basically using https anyway, however there are connections that
*must* be plain http, e.g. the ACME challenge. I like to use my own
scripts for maintaining the certificates thus I am not using the Apache
module, which further means that I must have control over Apache's http
setup.
I'm doing something like this:
<VirtualHost IP_ADDRESS:80>
ServerName HOSTNAME:80
Alias "/.well-known/acme-challenge/"
"/COMMON_DIR/acme-challenge/.well-known/acme-challenge/"
<Directory "/COMMON_DIR/acme-challenge/">
Require all granted
</Directory>
RewriteEngine On
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/.*
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [QSA,L,R=301]
</VirtualHost>
<VirtualHost IP_ADDRESS:443>
ServerName HOSTNAME:443
# Your "real" configuration here
</VirtualHost>
Can you please elaborate on your above statement and clear that up for me?
Cheers,
K. C.
--
regards Helmut K. C. Tessarek KeyID 0x172380A011EF4944
Key fingerprint = 8A55 70C1 BD85 D34E ADBC 386C 1723 80A0 11EF 4944
/*
Thou shalt not follow the NULL pointer for chaos and madness
await thee at its end.
*/
signature.asc
Description: OpenPGP digital signature
