On 8/24/20 9:57 AM, Christopher Schultz wrote:
So your RewriteCond[ition] is expected to always be true? Okay. Maybe
remove it, then? BTW I think your rewrite will strip query strings and
stuff like that. Maybe you just want RedirectPermanent instead of
Rewrite(Cond|Rule)?
Okay, so everyone gets redirected from http://exmaple.com/ to
https://example.com/. If LE requests
http://example.com/.well-known/uherfhuerhfiu then it will be
redirected to https://example.com/.well-known/uherfhuerhfiu,
presumably locate the correct file and authorize the certificate
request, right?
But you have said that "everything is unconditionally passed to
Tomcat". You posted some config that definitely passes some things to
Tomcat, but without seeing the rest of the <VirtualHost> configuration
it's not possible to know for sure nothing else is going on.
Ok. In the original post, I posted the virtual host configuration as it
was at the time, with meaningful domain names and IP addresses redacted,
and some commented-out, abandoned-in-place lines removed.
Here is what I currently have in place, albeit with names and IP
addresses "changed to protect the innocent." I'm sending you the
uncensored version off-List.
<VirtualHost *:80>
ServerName foo.frobozz.com
# ServerAlias bar.frobozz.com
DocumentRoot /var/www/html/test
ServerAdmin i...@frobozz.com
<Directory /var/www/html/test>
AllowOverride All
</Directory>
RewriteEngine on
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName foo.frobozz.com
# ServerAlias bar.frobozz.com
DocumentRoot /var/www/html/test
ServerAdmin i...@frobozz.com
# <Directory /var/www/html/test>
# AllowOverride All
# </Directory>
# <Proxy "https://foo.frobozz.com/manager/html/*";>
# Require ip aa.bb.cc.dd
# </Proxy>
# <Proxy "https://bar.frobozz.com/manager/html/*";>
# Require ip aa.bb.cc.dd
# </Proxy>
<Location /manager>
Require ip aa.bb.cc.dd ww.xx.yy zz pp.dd.qq.xx
</Location>
<Location /host-manager>
Require ip aa.bb.cc.dd ww.xx.yy zz pp.dd.qq.xx
</Location>
ProxyPass "/" "http://127.0.0.1:8080/";
ProxyPassReverse "/" "http://127.0.0.1:8080/";
ProxyRequests Off
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/foo.frobozz.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/foo.frobozz.com/privkey.pem
</VirtualHost>
</IfModule>
--
JHHL
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
