lighttpd 1.4.48 : simultaneous HTTPS connection to lighttpd on IPv4 and IPv6 is not working
Added by nlimbani over 6 years ago
- lighttpd -v
lighttpd/1.4.48 (ssl) - a light and fast webserver #
My device support DUAL stack IP mode (IPV4 and IPv6 both).
I want to configure lighttpd for HTTPS access on IPV4 and IPv6. I use following configuration to achieve this.
[....]
server.port = 443
$SERVER["socket"] == "0.0.0.0:443" {
ssl.engine = "enable"
ssl.pemfile = "<path to certificate file on the device>"
}
$SERVER["socket"] == "[::]:443" {
ssl.engine = "enable"
ssl.pemfile = "<path to certificate file on the device>"
}
[....]
But with this configuration HTTPS is accessible on IPv6 only. It is not accessible on IPv4.
Am I using the right configuration in this case?
Regards,
Narendra
Replies (3)
RE: lighttpd 1.4.48 : simultaneous HTTPS connection to lighttpd on IPv4 and IPv6 is not working - Added by gstrauss over 6 years ago
I just verified on an x86 machine with lighttpd 1.4.51 and that syntax works as expected.
Check the values of server.use-ipv6 or server.set-v6only if you are setting them in your config, though the values should not matter since you are explicitly specifying both IPv4 and IPv6 addresses, as is recommended.
RE: lighttpd 1.4.48 : simultaneous HTTPS connection to lighttpd on IPv4 and IPv6 is not working - Added by nlimbani over 6 years ago
I am not explicitly setting the values for server.use-ipv6 or server.set-v6only in the config file.
But when I run the command "sysctl net.ipv6.bindv6only" I see following output.
# sysctl net.ipv6.bindv6only net.ipv6.bindv6only = 1 #
Is this configuration causing the issue?
Is there any way available to debug this issue?
In this particular case the output of netstat command shows that a listening port(443 - https) for the address "0.0.0.0" and "::" is successfully opened.
RE: lighttpd 1.4.48 : simultaneous HTTPS connection to lighttpd on IPv4 and IPv6 is not working - Added by nlimbani over 6 years ago
I could achieve HTTPS on IPv4 and IPv6 by using following configuration.
ssl.engine = "enable"
ssl.pemfile = "<path to cert file>"
$SERVER["socket"] == ":443" { ssl.engine = "enable" }
$SERVER["socket"] == "[::]:443" { ssl.engine = "enable" }