Keep Server Online
If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.
or
A donation makes a contribution towards the costs, the time and effort that's going in this site and building.
Thank You! Steffen
Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
| |
|
 Topic: Issues redirecting http requests to https |
|
| Author |
|
otalado
Joined: 05 Apr 2022
Posts: 2
Location: Slovenia, Izola
|
 Posted: Tue 05 Apr '22 10:37 Post subject: Issues redirecting http requests to https |
 |
|
I have Server version: Apache/2.4.52 (Win64) Apache Lounge VS16 Server built: Dec 17 2021 10:17:38 installed on Windows 10 Pro X64.
I installed the LetsEncrypt certificate. As I had troubles redirecting HTTP requests to HTTPS. As it was the first time that I have used wacs to obtain the certificate I was not too sure I have a good certificate in my hands. So I replaced the LetsEncrypt certificate with a ZeroSSL certificate.
Unfortunately, the situation was exactly the same with the ZeroSLL and with the LetsEncrypt certificates.
Symptoms are (before each test, I flushed the system's DNS and cleared the browser's cache):
- On Chrome forcing the HTTPS seems to work OK for both example.com and www.example.com
- on Firefox when I try to reach example.com it connected after a little more than 3 minutes, trying to reach www.example.com ended with The connection was reset message.
- On Edge, trying to reach both example.com and www.example.com ended up with a message This page isn’t working right now
The default VirtualHost is defined as follows:
| Code: | <VirtualHost _default_:443>
DocumentRoot "E:/AMPP/htdocs"
DirectoryIndex index.html index.php
#ServerName example.com:443
ServerName www.example.com
ServerAlias example.com
#Protocols h2 http:/1.1
ErrorLog "${SRVROOT}/logs/error.log"
TransferLog "${SRVROOT}/logs/access.log"
SSLEngine on
# LetsEncrypt
#
#SSLCertificateFile "c:/wacs/cert/example.com-chain.pem"
#SSLCertificateKeyFile "c:/wacs/cert/example.com-key.pem"
#SSLCertificateChainFile "c:/wacs/cert/example.com-crt.pem"
# ZeroSSL
#
SSLCertificateFile "${SRVROOT}/certs/certificate.crt"
SSLCertificateKeyFile "${SRVROOT}/certs/private.key"
SSLCertificateChainFile "${SRVROOT}/certs/ca_bundle.crt"
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "${SRVROOT}/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog "${SRVROOT}/logs/ssl_request.log" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost> |
I have tried the redirect method as follows:
| Code: | <VirtualHost *:80>
ServerName example.com
Redirect permanent / https://example.com/
ErrorLog "${SRVROOT}/logs/error.log"
TransferLog "${SRVROOT}/logs/access.log"
</VirtualHost>
<VirtualHost *:80>
ServerName www.example.com
Redirect permanent / https://example.com/
ErrorLog "${SRVROOT}/logs/error.log"
TransferLog "${SRVROOT}/logs/access.log"
</VirtualHost> |
As things were not working I have tried (two versions of) the rewrite method:
| Code: | <VirtualHost *:80>
ServerName otalado.eu
RewriteEngine On
# Method 1
# RewriteCond %{HTTPS} off
# RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
# Method 2
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^(.*)$ http://www.domain.com/$1 [L,R=301]
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
ErrorLog "${SRVROOT}/logs/error.log"
TransferLog "${SRVROOT}/logs/access.log"
</VirtualHost>
<VirtualHost *:80>
ServerName www.otalado.eu
RewriteEngine On
# Method 1
# RewriteCond %{HTTPS} off
# RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
# Method 2
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^(.*)$ http://www.domain.com/$1 [L,R=301]
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
ErrorLog "${SRVROOT}/logs/error.log"
TransferLog "${SRVROOT}/logs/access.log"
</VirtualHost> |
All the things I've tried have ended up with the same symptoms as I have described. I checked the access and ssl_request logs and that seems to me normal and log entries were the same for all methods I have tried.
Sample of ssl_request.log:
Chrome trying example.com (works OK)
| Code: | [05/Apr/2022:08:11:52 +0200] 192.168.1.1 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET / HTTP/1.1" 1541
[05/Apr/2022:08:11:52 +0200] 192.168.1.1 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /favicon.ico HTTP/1.1" 12862 |
Chrome trying www.example.com (works OK)
| Code: | [05/Apr/2022:08:32:00 +0200] 192.168.1.1 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET / HTTP/1.1" 1541
[05/Apr/2022:08:32:00 +0200] 192.168.1.1 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /favicon.ico HTTP/1.1" 12862
|
Firefox trying example.com (after roughly 3 minutes delay)
| Code: | [05/Apr/2022:08:46:42 +0200] 192.168.1.1 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET / HTTP/1.1" 1541
[05/Apr/2022:08:46:42 +0200] 192.168.1.1 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /favicon.ico HTTP/1.1" 12862 |
There were no entries in logs for the failed requests.
I have a strong feeling that the issue is not in the way I am trying to achieve redirection (well, at least not in /extra/httpd-ssl.conf) but without some guidance where to look and what to check for, I am lost. So, any input is welcome. |
|
| Back to top |
|
otalado
Joined: 05 Apr 2022
Posts: 2
Location: Slovenia, Izola
|
| Posted: Wed 06 Apr '22 7:46 Post subject: Re: Issues redirecting http requests to https |
|
|
After I spent two afternoons banging my head against the wall, I gave up and started from scratch. I downloaded fresh .zip of Apache (the same version as I used before). The only thing I touched in httpd.conf are ServerRoot and link to httpd-ssl.conf.
In httpd-ssl.conf I left default VirtualHost as in my previous post and tested both the redirect method and (after I enabled rewrite_module) rewrite method. All was working OK on all three browsers.
So, as I half suspected, the issue was not in httpd-ssl.conf file, but I must have made a stinking mess somewhere else! It'll probably be time better spent elsewhere, but I'll take UltraCompare and compare all config files of failed and working Apache setup to find what exactly I did wrong.
BTW: there was post on 3rd Dec 2021: Redirect to https or RewriteRule. I liked suggestion by James Blond:
| Code: | <If "%{SERVER_PROTOCOL} != 'HTTPS'">
Redirect "/" "https://www.example.com/"
</If> |
It is very readable and elegant, so I'll use that (only I made the redirect permanent). |
|
| Back to top |
|
Otomatic
Joined: 01 Sep 2011
Posts: 212
Location: Paris, France, EU
|
| Posted: Wed 06 Apr '22 9:25 Post subject: |
|
|
Hi,
Into <VirtualHost *:80> structure I use :
| Code: | RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
|
|
|
| Back to top |
|
|
|
|
|
|
