Proper https setting on apache?

K

keton2020-08-21 09:37:01

Apache HTTP Server

keton, 2020-08-21 09:37:01

When you click on a link in the example.my/bla/bla1 format , the bla1 page opens;
when you try to navigate to https://example.my/bla/bla1 , it redirects you to the main page.
Maybe someone has an idea in which direction to dig?

I use two configs. one for the version of the site with a certificate, the second - without.
Non-ssl config

<VirtualHost *:80>
        ServerName example.my
        Redirect "/" "https:///example.my/"
</VirtualHost>

~
SSL config

Listen 443 https
DocumentRoot /var/www/html/
ServerName example.my

ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn

SSLEngine on
SSLCertificateFile /etc/ssl/certs/apache-selfsigned.crt
SSLCertificateKeyFile /etc/ssl/private/apache-selfsigned.key
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
    SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
    SSLOptions +StdEnvVars
</Directory>

BrowserMatch "MSIE [2-5]" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

</VirtualHost>

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

K

ky0, 2020-08-21
@ky0

The correct configuration of SSL on Apache is not to mock the old man and put nginx in front of him, terminating encryption. The next step is euthanasia.