Project

General

Profile

Lighttpd only https on specific port

Added by surjitsidhu 6 months ago

Good day,

My concert to avoid this error when browser send http request (mod_openssl.c.1505) SSL: 1 error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request
Browser shows "ERR_EMPTY_RESPONSE"

How can I avoid, this so server only responds to https requests on specific port

Thanks,


Replies (13)

RE: Lighttpd only https on specific port - Added by fredfist 5 months ago

$SERVER["socket"] == ":443" {
ssl.engine = "enable"
ssl.pemfile = "/etc/ssl/server.pem"
server.document-root = "/www"

RE: Lighttpd only https on specific port - Added by fredfist 5 months ago

}

I forgot the closing brace

RE: Lighttpd only https on specific port - Added by surjitsidhu 5 months ago

i have same config in css, but i want to serve pages only on https
now it does both http as well https

RE: Lighttpd only https on specific port - Added by fredfist 5 months ago

I think the only two ways are a firewall rule or a redirection:

$HTTP["scheme"] == "http" {
$HTTP["host"] =~ ".*" {
url.redirect = (".*" => "https://%0$0")
}
}

RE: Lighttpd only https on specific port - Added by surjitsidhu 5 months ago

above config does not redirect http to https
still getting (mod_openssl.c.1505) SSL: 1 error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request

may because I have SSL enabled on port
ssl.engine = "enable"
ssl.pemfile = "/usr/local/ssl/cert.pem"
ssl.ca-file = "/usr/local/ssl/intermediate.crt"

RE: Lighttpd only https on specific port - Added by fredfist 5 months ago

I guess there ist another ssl.engine = "enable" statement. Delete it. Post your config.

RE: Lighttpd only https on specific port - Added by surjitsidhu 5 months ago

I have attached the config

RE: Lighttpd only https on specific port - Added by surjitsidhu 5 months ago

also problem with intermediate.crt, isn't working still getting warning on some browsers (I'm using Letsencrypt SSL)

RE: Lighttpd only https on specific port - Added by fredfist 5 months ago

You enabled HTTPS for all ports.

replace lines 41-43 with

$SERVER["socket"] == ":443" {
ssl.engine = "enable"
ssl.pemfile = "/usr/local/lighttpd/ssl/cert.pem"
ssl.ca-file = "/usr/local/lighttpd/ssl/intermediate.crt"
server.document-root = "/usr/local/lighttpd/web/public"
}

This enables https for port 443 only.

RE: Lighttpd only https on specific port - Added by surjitsidhu 5 months ago

I want custom port with https and server should not respond on any other port

RE: Lighttpd only https on specific port - Added by fredfist 5 months ago

then replace 443 with your custom port. I dont see a possibility to disable port 80. Use a rewrite rule or your firewall.

RE: Lighttpd only https on specific port - Added by gstrauss 5 months ago

server.port = 443 If not specified, it defaults to 80.

RE: Lighttpd only https on specific port - Added by surjitsidhu 5 months ago

I have Apache2.4 running on port 80.
I just concern is to avoid error logging in error.log

when url with http entered in browser, it should not respond as 1.4.39 version does with same config file
Version 1.4.49 generate error

Thanks,

    (1-13/13)