On Saturday 29 April 2017 14:49:04 Gene Heskett wrote: > On Saturday 29 April 2017 14:21:27 Jochen Spieker wrote: > > Gene Heskett: > > > On Saturday 29 April 2017 04:05:01 Felix Dietrich wrote: > > >> Gene Heskett <ghesk...@shentel.net> writes: > > >>> Where can I find a tut that is a complete instruction set to > > >>> have it do an auto-redirect to itself, but using the "s" stuff > > >>> regardless of the accessing client as long as the client can > > >>> handle the https stuff this conversion will return to the > > >>> client? > > > > What you want to do requires that you understand the basics of > > Apache's configuration mechanism. You should really start with that. > > > > http://httpd.apache.org/docs/2.4/en/getting-started.html > > http://httpd.apache.org/docs/2.4/en/bind.html > > http://httpd.apache.org/docs/2.4/en/configuring.html > > http://httpd.apache.org/docs/2.4/en/urlmapping.html > > http://httpd.apache.org/docs/2.4/en/vhosts/ > > I don't have 2.4, 2.2 here on wheezy.
Looking in the docs/2.2/envvars reference and trying some of the commands I find I apparently must specify the port # somehow. apache2ctl cannot connect on port 80. It apparently uses /etc/alternatives/www-browser, which is a softlink to /usrt/bin/lynx, and guess what? lynx support at lynx.isc.org has been deleted. And it won't work without talking to isc.org first. Even after being re-installed. So A: file a bug against lynx, best to remove it as its apparently been EOL'd by isc.org And B: what can I change that softlink in /etc/alternatives to so apache2ctl will work against localhost:6309 ? And C: If I have to learn a new httpd server, is nginx any better than apache2? > > That's really just the basics so you know where to put random things > > you find on the internet. For your use case, these should also be > > helpful: > > > > http://httpd.apache.org/docs/2.4/en/ssl/ > > http://httpd.apache.org/docs/2.4/en/rewrite/ > > > > What the upstream Apache documentation does not mention (or care > > about) is that Debian has its own way of splitting up Apache > > configuration files. If a random (not Debian- or Ubuntu-specific) > > tutorial tells you to change your httpd.conf then this is most > > certainly not the way to do it in Debian. > > > > >>> I tried putting those 3 lines quoted numerous times at the > > >>> bottom of the httpd/conf/httpd.conf, but that killed local > > >>> access so I assume it also killed external access too. And its > > >>> failure did not generate an error.log entry. > > > > The bottom of your httpd.conf might be the wrong place to put it. It > > really depends on your local configuration which we do not know. Do > > you have a plain Debian installation that you did yourself or do you > > use an image from a hoster or any other company? What changes have > > you done to your configuration? > > > > What Debian expects most admins to do is drop their own virtual host > > definitions into /etc/apache2/sites-available/ and use a2ensite to > > enable them. Global configuration directives can be placed in > > conf-available/ (use a2enconf). > > > > >>> Something was said about the AllowRedirect settings in > > >>> httpd.conf, but it did not specify what to change it to. > > > > Don't touch httpd.conf, it will probably not do what you want to > > achieve. Instead, edit the virtual host you are using. > > > > > Chuckle, point taken, used your search string and got smarter hits > > > for apache2. Since my domain registrar is namecheap, I'm reading > > > this link: > > > <https://www.namecheap.com/support/knowledgebase/article.aspx/9821 > > >/3 8/redirect-to-https-on-apache> > > > > Your domain registrar is irrelevant here. Look for > > Debian/Ubuntu-specific tutorials after reading up on the basics. > > > > > Syntax error on line 71 of /etc/apache2/mods-enabled/ssl.conf: > > > Invalid command 'Header', perhaps misspelled or defined by a > > > module not included in the server configuration > > > Action 'start' failed. > > > > Apparently the header module is not enabled in your configuration. > > You can do so by running "a2enmod headers". > > Not being fam with this a2enmod thing, I just used mc to make a > softlink. That moved the error and changed it a wee bit, to line 72, > which had the keyword always spelled alway. Fixed, start right up. I > can only see it at localhost, so I've no clue if the link in my sig > works or not. > > If it redirects to https and the front page pix loads, I'm good to go > I think. > > > > If you install the ssl-cert package, a self-signed certificate > > > will be automatically created using the hostname currently > > > configured on your computer. > > Which is not the same as the dns servers returns. > > > If your machine is publicly available, there is really no reason > > anymore to use self-signed certificates -- except for testing, > > probably. If your configuration works with your self-signed > > certificate, you should consider using Let's Encrypt. > > > > > So in internal name and the one in the sig don't match? > > > So which name will it use if I run the above cert generator > > > command? > > > > Nowadays you can run more than one VirtualHosts even with only one > > IP address. You just set up regular virtual hosts which use their > > own certificates. > > > > I cannot comment on the other errors you are getting, but (just in > > case I didn't stress it enough :)) I think your life will become a > > lot easier once you master the basics of Apache. The creation of SSL > > certificates actually becomes a lot easier with Let's Encrypt. > > Those are done I believe: > root@coyote:/etc/httpd/conf# ls -l /etc/ssl/private/ > total 8 > lrwxrwxrwx 1 root root 18 Apr 29 10:27 fba0a812 -> > ssl-cert-genes.key > -rw------- 1 root root 2798 Apr 29 10:27 ssl-cert-genes.key > -rw-r----- 1 root ssl-cert 1704 Apr 29 08:46 ssl-cert-snakeoil.key > > Unless thats not enough. > > > J. > > Thanks, Jochen Spieker. > > Cheers, Gene Heskett Cheers, Gene Heskett -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) Genes Web page <http://geneslinuxbox.net:6309/gene>
