On Thu, Feb 05, 2015 at 05:25:27PM -0600, Theodore Wynnychenko wrote:
> Hello
> Recently, there was a thread entitled "Best way forward w.r.t.
> apache/nginx/httpd?"
>
> My needs for an http server are pretty low; and I was planning on using the
> new in-house httpd included in current.
>
> The only "fancy" thing I like is having http requests redirect to https.
> This is actually completely unnecessary for my uses, but, I would like to
> have it if I can.
>
> I see a note in the change log from 5.5 to 5.6
> (http://www.openbsd.org/plus56.html) which states: "Redirect httpd(8) to
> https:// if SSL/TLS is enabled." However, I do not see any other reference
> to this behavior in the man pages.
The man page for httpd(8) states in it's DESCRIPTION section that: "The
httpd daemon is an HTTP server with FastCGI AND SSL SUPPORT". And under
the SEE ALSO section it refers to httpd.conf(5). Have a look at the
latter.
You want to specify something like:
server "default" {
listen on $ext_ip port 443
certificate <file>
ciphers <string>
key <file>
}
> I am not sure exactly what that note means. Does it mean that a connection
> to port 80 (e.g. "listen on * port 80") will be automatically redirected to
> https on port 443 if a complementary listen statement exists (e.g. "listen
> on * tls port 443")? Does it mean something different?
>
> I guess, I just don't know, and would like to understand what will happen
> before moving to the new httpd.
>
> Thanks
> Ted
>
> [demime 1.01d removed an attachment of type application/x-pkcs7-signature
> which had a name of smime.p7s]
Regerds,
Erling
