Lighttpd-将 HTTPS 443 重定向到 HTTPS 123

Lighttpd-将 HTTPS 443 重定向到 HTTPS 123

我已让 HTTPS 为 Lighttpd 的本地实例运行。

但我想重定向:

http://192.168.1.254 -> https://192.168.1.254:123
https://192.168.1.254 -> https://192.168.1.254:123

我的配置如下。

我得到的 ATM 是https://192.168.1.254/:4430它显示“此站点无法提供 HTTP 和 HTTPS 的安全连接”,我猜测 254 后面的额外 / 是原因,但我似乎无法弄清楚。

server.modules += (
        "mod_openssl",
        "mod_alias"
)

setenv.add-environment = ("fqdn" => "true")

$SERVER["socket"] == ":4430" {
        ssl.engine = "enable"
        ssl.pemfile = "/etc/lighttpd/ssl/combined.pem"
        ssl.honor-cipher-order = "enable"
        ssl.cipher-list = "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH"
        ssl.use-sslv2 = "disable"
        ssl.use-sslv3 = "disable"
}

# Redirect HTTP to HTTPS 4430
$HTTP["scheme"] == "http" {
        $HTTP["host"] =~ ".*" {
                url.redirect = (".*" => "https://192.168.1.254:4430")
        }
}

# Redirect HTTPS to HTTPS 4430
$SERVER["socket"] == ":443" {
        $HTTP["host"] =~ ".*" {
                url.redirect = (".*" => "https://192.168.1.254:4430")
        }
}

答案1

我不明白为什么要重定向到 4430 而不是 443,因为那样更直接、更典型,但这里有一个配置供您使用:

server.modules += (
        "mod_openssl",
        "mod_redirect",
)

setenv.add-environment = ("fqdn" => "true")

ssl.pemfile = "/etc/lighttpd/ssl/combined.pem"
ssl.cipher-list = "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH"

$SERVER["socket"] == ":4430" {
        ssl.engine = "enable"
}
# Redirect HTTPS to HTTPS 4430
else $SERVER["socket"] == ":443" {
        ssl.engine = "enable"
        url.redirect = ("" => "https://192.168.1.254:4430${url.path}${qsa}")
}
# Redirect HTTP to HTTPS 4430
else $HTTP["scheme"] == "http" {
        url.redirect = ("" => "https://192.168.1.254:4430${url.path}${qsa}")
}

相关内容