Hi all, On Fri, Feb 6, 2015 at 12:08 PM, Erling Westenvik < [email protected]> wrote:
> On Thu, Feb 05, 2015 at 05:25:27PM -0600, Theodore Wynnychenko wrote: > > Hello > > Recently, there was a thread entitled "Best way forward w.r.t. > > apache/nginx/httpd?" > > > > My needs for an http server are pretty low; and I was planning on using > the > > new in-house httpd included in current. > > > > The only "fancy" thing I like is having http requests redirect to https. > > This is actually completely unnecessary for my uses, but, I would like to > > have it if I can. > > > > I see a note in the change log from 5.5 to 5.6 > > (http://www.openbsd.org/plus56.html) which states: "Redirect httpd(8) > to > > https:// if SSL/TLS is enabled." However, I do not see any other > reference > > to this behavior in the man pages. > > The man page for httpd(8) states in it's DESCRIPTION section that: "The > httpd daemon is an HTTP server with FastCGI AND SSL SUPPORT". And under > the SEE ALSO section it refers to httpd.conf(5). Have a look at the > latter. > > You want to specify something like: > > server "default" { > listen on $ext_ip port 443 > certificate <file> > ciphers <string> > key <file> > } > That configuration would throw a syntax error like: httpd[6892]: /etc/httpd.conf:25: syntax error Correct one needs to prepend "tls" to tls specific options: server "default" { listen on egress port 443 tls certificate <file> tls ciphers <string> tls key <file> } Regards. -- Pablo Méndez Hernández
