Am 14.09.2017 um 16:08 schrieb Stefan Eissing:
Ok, as I read the code a bit more, there is a tangle of things that can
influence port/scheme selection. But what I can see, the version in *trunk*
should do the right thing *iff*
a) you use "SSLEngine *:443" instead of "Optional"
b) you use
I know many of you had busy summers and August holidays... just want
to be sure that nobody who wanted to comment has missed discussion
of retiring the Flood subproject.
If we don't reach any other conclusion or interest, we should wind this down
next week in response to Daniel's concern from the
On Thu, Sep 14, 2017 at 4:50 AM, Nick Kew wrote:
> On Wed, 13 Sep 2017 08:29:44 -0500
> William A Rowe Jr wrote:
>
>> So moving forwards, can we stop accepting stuff that isn't HTTP/1.1 in
>> our HTTP/1.1 server? Do we really want people to configure their
> Am 14.09.2017 um 16:19 schrieb Eric Covener :
>
>> To recap: I am looking for an easy way to instruct someone to enable https:
>> for
>>
>> Listen 80
>>
>>
>> ServerName blabla.org
>> ...lots of stuff...
>>
>>
>> and with the current trunk, she can change this to:
> To recap: I am looking for an easy way to instruct someone to enable https:
> for
>
> Listen 80
>
>
>ServerName blabla.org
>...lots of stuff...
>
>
> and with the current trunk, she can change this to:
>
> Listen 80
> Listen 443
> SSLEngine *:443
>
> ManagedDomain blabla.org
>
>
Ok, as I read the code a bit more, there is a tangle of things that can
influence port/scheme selection. But what I can see, the version in *trunk*
should do the right thing *iff*
a) you use "SSLEngine *:443" instead of "Optional"
b) you use "ServerName xxx.yyy" *without* a port name
the a
Am 14.09.2017 um 15:40 schrieb Stefan Eissing:
Harald,
could you check if a configuration like:
UseCanonicalPhysicalPort on
in the server or vhost mitigates the problem?
it makes it even more terrible and the resulting http:// protocol
instead https// on port 443 here even tiggers
Harald,
could you check if a configuration like:
UseCanonicalPhysicalPort on
in the server or vhost mitigates the problem?
Cheers,
Stefan
> Am 14.09.2017 um 12:00 schrieb Reindl Harald :
>
>
>
> Am 10.08.2017 um 18:22 schrieb Reindl Harald:
>>> If you want to
> Am 14.09.2017 um 12:00 schrieb Reindl Harald :
>
>
>
> Am 10.08.2017 um 18:22 schrieb Reindl Harald:
>>> If you want to experiment...
>>>
>>> is already recognized
>> but with "SSLEngine On" and "SSLCertificateFile" configured non-https no
>> longer would work
>
>
> Am 14.09.2017 um 14:56 schrieb Eric Covener :
>
> On Fri, Sep 8, 2017 at 5:03 AM, Stefan Eissing
> wrote:
>>
>>> Am 08.09.2017 um 04:37 schrieb William A Rowe Jr :
>>>
>>> Reminder, this will not work with the current
On Fri, Sep 8, 2017 at 5:03 AM, Stefan Eissing
wrote:
>
>> Am 08.09.2017 um 04:37 schrieb William A Rowe Jr :
>>
>> Reminder, this will not work with the current server_rec, we have a 1:1
>> correspondence to the server port. We would need to
Am 10.08.2017 um 18:22 schrieb Reindl Harald:
If you want to experiment...
is already recognized
but with "SSLEngine On" and "SSLCertificateFile" configured non-https no
longer would work
OK, figured it out
* you need the *first* vhost with "SSLEngine On"
* others can have "SSLEngine
On Wed, 13 Sep 2017 08:29:44 -0500
William A Rowe Jr wrote:
> So moving forwards, can we stop accepting stuff that isn't HTTP/1.1 in
> our HTTP/1.1 server? Do we really want people to configure their
> server to speak "other"?
Did you mean to say "stop accepting ..."?
>
13 matches
Mail list logo