[Solved] Trying to get locahost status without HTTPS cert failure
Added by jello almost 4 years ago
Hello,
I have followed the instructions at HowToRedirectHttpToHttps, and created /etc/lighttpd/conf-enabled/95-force-https.conf with the following content:
$HTTP["scheme"] == "http" { $SERVER["socket"] != "127.0.0.1:80" { $SERVER["socket"] != "[::1]:80" { url.redirect = ("" => "https://${url.authority}${url.path}${qsa}") } } }
However, when I try to access the server status page, mod_status, it DOES redirect my connection to https, and then fails because localhost is not on the SSL cert:
$ wget -O- http://localhost/server-status?auto --2020-06-02 00:30:31-- http://localhost/server-status?auto Resolving localhost (localhost)... ::1, 127.0.0.1 Connecting to localhost (localhost)|::1|:80... connected. HTTP request sent, awaiting response... 301 Moved Permanently Location: https://localhost/server-status?auto [following] --2020-06-02 00:30:31-- https://localhost/server-status?auto Connecting to localhost (localhost)|::1|:443... connected. The certificate's owner does not match hostname ‘localhost’
If I bypass the cert name mismatch, I do get the status output; however, I'd really like to get my config working so that localhost doesn't use https (seems unnecessary to me). I am running lighttpd 1.4.53 on Debian 10.4, full config attached. Any help appreciated!
Thanks,
--Joe
my_lighttpd.conf (35.7 KB) my_lighttpd.conf |
Replies (2)
RE: Trying to get locahost status without HTTPS cert failure - Added by gstrauss almost 4 years ago
$SERVER["socket"]
is for lighttpd listening sockets, and works if you have separate listening sockets, not also listening to "*"
For remote IPs, use $HTTP["remote-ip"]
$HTTP["scheme"] == "http" { $HTTP["remote-ip"] != "127.0.0.1" { $HTTP["remote-ip"] != "[::1]" { url.redirect = ("" => "https://${url.authority}${url.path}${qsa}") } } }
I'll update HowToRedirectHttpToHttps as remote-ip is probably easier to understand.
RE: Trying to get locahost status without HTTPS cert failure - Added by jello almost 4 years ago
That fixed it. Thanks very much for the help here and for lighttpd in general!
--Joe