I've rebuilt Apache against OpenSSL 3.0 beta 1 and there the redirect
works.
Unfortunately switching to OpenSSL 3.0 (or 1.1 where I expect it to also
work) is not an option at the moment.
čt 24. 6. 2021 v 18:55 odesílatel Pavel Heimlich, a.k.a. hajma <
tropikha...@gmail.com> napsal:
esílatel Nick Folino napsal:
>>
>>> Search the archives. I believe there's a recent thread about this.
>>>
>>> On Thu, Jun 24, 2021 at 4:26 AM Pavel Heimlich, a.k.a. hajma <
>>> tropikha...@gmail.com> wrote:
>>>
>>>>
>>
čt 24. 6. 2021 v 17:54 odesílatel Otis Dewitt - NOAA Affiliate
napsal:
> You may be having certificate issues. Try testing the certificates first.
>
> # Your first error message is: AH02008: SSL library error 1 in handshake
>
> # Run This
> openssl verify /etc/certs/localhost/host.crt
>
>
# op
Basically yes. It was this hack that redirected users to https when they
tried http. But it stopped working when I tried to drop TLSv1.1
čt 24. 6. 2021 v 15:31 odesílatel Jim Albert napsal:
>
> 215 is configured to answer for both http and https? I only see one Listen
> config in your original p
21 at 4:26 AM Pavel Heimlich, a.k.a. hajma <
> tropikha...@gmail.com> wrote:
>
>>
>>
>> čt 24. 6. 2021 v 3:56 odesílatel Jim Albert napsal:
>>
>>> Have you attempted from more than one client?
>>>
>>
>> yes. Firefox and wget. Both b
čt 24. 6. 2021 v 3:56 odesílatel Jim Albert napsal:
> Have you attempted from more than one client?
>
yes. Firefox and wget. Both behave identically.
>
> Expand more, please on what you have running on port 215. I'm unfamiliar
> with the Solaris apache configs.
>
there's just the Apache serve
With the
SSLProtocol -ALL -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 +TLSv1.2
line in config:
[Thu Jun 24 07:59:41.488363 2021] [ssl:info] [pid 2213:tid 1] AH01883:
Init: Initialized OpenSSL library
[Thu Jun 24 07:59:41.488427 2021] [ssl:warn] [pid 2213:tid 1] AH01873:
Init: Session Cache is not configured [hi
st 23. 6. 2021 v 23:06 odesílatel Otis Dewitt - NOAA Affiliate
napsal:
> Check your Openssl ciphers to see if it supports TLS 1.2
> Try:
>
> SSLProtocol -ALL -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 +TLSv1.2
> SSLCipherSuite
>
> HIGH:!aNULL:!eNULL:!kECDH:!aDH:!RC4:!3DES:!CAMELLIA:!MD5:!AES256-SHA:!AES128-
Hi,
I use
ErrorDocument 400 "https://myserver:215";
to achieve redirection to secure connection for anyone who would access my
server with just 'http://myserver:215'.
This works as long as there's
SSLProtocol TLSv1.1 +TLSv1.2
specified in the configuration. However when I change that to just
SSLPr
