Re: Listen 443 https

Am 14.09.2017 um 16:08 schrieb Stefan Eissing: Ok, as I read the code a bit more, there is a tangle of things that can influence port/scheme selection. But what I can see, the version in *trunk* should do the right thing *iff* a) you use "SSLEngine *:443" instead of "Optional" b) you use

Re: Flood 0.4 status? (was: flood 0.4 was never signed for?)

I know many of you had busy summers and August holidays... just want to be sure that nobody who wanted to comment has missed discussion of retiring the Flood subproject. If we don't reach any other conclusion or interest, we should wind this down next week in response to Daniel's concern from the

Re: Drop HttpProtocolOptions Unsafe from 2.later/3.0 httpd releases?

On Thu, Sep 14, 2017 at 4:50 AM, Nick Kew wrote: > On Wed, 13 Sep 2017 08:29:44 -0500 > William A Rowe Jr wrote: > >> So moving forwards, can we stop accepting stuff that isn't HTTP/1.1 in >> our HTTP/1.1 server? Do we really want people to configure their

Re: Listen 443 https

> Am 14.09.2017 um 16:19 schrieb Eric Covener : > >> To recap: I am looking for an easy way to instruct someone to enable https: >> for >> >> Listen 80 >> >> >> ServerName blabla.org >> ...lots of stuff... >> >> >> and with the current trunk, she can change this to:

Re: Listen 443 https

> To recap: I am looking for an easy way to instruct someone to enable https: > for > > Listen 80 > > >ServerName blabla.org >...lots of stuff... > > > and with the current trunk, she can change this to: > > Listen 80 > Listen 443 > SSLEngine *:443 > > ManagedDomain blabla.org > >

Re: Listen 443 https

Ok, as I read the code a bit more, there is a tangle of things that can influence port/scheme selection. But what I can see, the version in *trunk* should do the right thing *iff* a) you use "SSLEngine *:443" instead of "Optional" b) you use "ServerName xxx.yyy" *without* a port name the a

Re: Listen 443 https

Am 14.09.2017 um 15:40 schrieb Stefan Eissing: Harald, could you check if a configuration like: UseCanonicalPhysicalPort on in the server or vhost mitigates the problem? it makes it even more terrible and the resulting http:// protocol instead https// on port 443 here even tiggers

Re: Listen 443 https

Harald, could you check if a configuration like: UseCanonicalPhysicalPort on in the server or vhost mitigates the problem? Cheers, Stefan > Am 14.09.2017 um 12:00 schrieb Reindl Harald : > > > > Am 10.08.2017 um 18:22 schrieb Reindl Harald: >>> If you want to

Re: Listen 443 https

> Am 14.09.2017 um 12:00 schrieb Reindl Harald : > > > > Am 10.08.2017 um 18:22 schrieb Reindl Harald: >>> If you want to experiment... >>> >>> is already recognized >> but with "SSLEngine On" and "SSLCertificateFile" configured non-https no >> longer would work > >

Re: Listen 443 https

> Am 14.09.2017 um 14:56 schrieb Eric Covener : > > On Fri, Sep 8, 2017 at 5:03 AM, Stefan Eissing > wrote: >> >>> Am 08.09.2017 um 04:37 schrieb William A Rowe Jr : >>> >>> Reminder, this will not work with the current

Re: Listen 443 https

On Fri, Sep 8, 2017 at 5:03 AM, Stefan Eissing wrote: > >> Am 08.09.2017 um 04:37 schrieb William A Rowe Jr : >> >> Reminder, this will not work with the current server_rec, we have a 1:1 >> correspondence to the server port. We would need to

Re: Listen 443 https

Am 10.08.2017 um 18:22 schrieb Reindl Harald: If you want to experiment... is already recognized but with "SSLEngine On" and "SSLCertificateFile" configured non-https no longer would work OK, figured it out * you need the *first* vhost with "SSLEngine On" * others can have "SSLEngine

Re: Drop HttpProtocolOptions Unsafe from 2.later/3.0 httpd releases?

On Wed, 13 Sep 2017 08:29:44 -0500 William A Rowe Jr wrote: > So moving forwards, can we stop accepting stuff that isn't HTTP/1.1 in > our HTTP/1.1 server? Do we really want people to configure their > server to speak "other"? Did you mean to say "stop accepting ..."? >