Re: [Apache] Redirection http->https

To: Frédéric Marécaille <genpashiro@lavabit.com>
Cc: debian-user-french <debian-user-french@lists.debian.org>
Subject: Re: [Apache] Redirection http->https
From: Ebling Andreas <ebling@free.fr>
Date: Tue, 17 May 2011 21:25:00 +0200
Message-id: <[🔎] 38F0B296-833C-451B-A102-8293C8DC4208@free.fr>
In-reply-to: <[🔎] 20110517191512.GA20906@lavabit.com>
References: <[🔎] 20110517191512.GA20906@lavabit.com>

On May 17, 2011, at 9:15 PM, Frédéric Marécaille wrote:

> Bonsoir à tous,
> 
Salut

> Dans le cadre de tests perso sur un serveur web apache (version 2.2.16-6
> squeeze), je souhaiterai configurer apache afin de rediriger
> automatiquement les requêtes http vers du https.
> 
> Le cryptage ssl fonctionne sur ce serveur et est accessible via
> https://site-perso
> 
> J'ai activé le "mod_rewrite", fouillé le web en quête de tutos que j'ai
> trouvés mais sans arriver à faire cela.
> 
> Avez-vous une solution qui fonctionne :-) ??
> 
J'en avais une, je te retrouve la config.

Ca marche à coups de virtual hosts:

(dans /etc/apache2/sites-enabled/default)
<VirtualHost *:80>
        ServerName host.domain.tld
        RedirectPermanent / https://host.domain.tld
</VirtualHost>

(dans /etc/apache2/sites-enabled/ssl)
<VirtualHost *:443>
        ServerName *.domain.tld
        ServerAdmin webmaster@domain.tld

        SSLEngine On
        SSLCertificateKeyFile ssl/private/ssl_apache.key
        SSLCertificateFile ssl/certs/ssl_apache.crt

        ### Mass SSL Vhosts ###
        RewriteEngine on

        #   define two maps: one for fixing the URL and one which defines
        #   the available virtual hosts with their corresponding
        #   DocumentRoot.
        RewriteMap    lowercase    int:tolower
        RewriteMap    vhost        txt:/etc/apache2/ssl.map

        #   1. make sure we don't map for common locations
        RewriteCond   %{REQUEST_URI}  !^/cgi-bin/.*
        RewriteCond   %{REQUEST_URI}  !^/icons/.*

        #   2. make sure we have a Host header
        RewriteCond   %{HTTP_HOST}  !^$

        #   3. lowercase the hostname
        RewriteCond   ${lowercase:%{HTTP_HOST}|NONE}  ^(.+)$
        #
        #   4. lookup this hostname in vhost.map and
        #      remember it only when it is a path
        #      (and not "NONE" from above)
        RewriteCond   ${vhost:%1}  ^(/.*)$

        #   5. finally we can map the URL to its docroot location
        #      and remember the virtual host for logging puposes
        RewriteRule   ^/(.*)$   %1/$1  [E=VHOST:${lowercase:%{HTTP_HOST}}]

</VirtualHost>

Et voila le ssl.map dans /etc/apache2/
admin.domain.tld        /usr/share/ldap-account-manager/
imp.domain.tld       /usr/share/squirrelmail/
phpmyadmin.domain.tld        /usr/share/phpmyadmin/

Ca permet d'avoir plusieurs sous-domaines en https avec un seul certificat.


> Merci d'avance.
> 
J'espère que ça peut t'aider.

> -- 
> Frédéric Marécaille
> 

--
Ebling Andreas
"Photography is a powerful art capable of holding a moment forever..."
http://www.ebling-photo.fr

Reply to:

Follow-Ups:
- Re: [Apache] Redirection http->https
  - From: Frédéric Marécaille <genpashiro@lavabit.com>

References:
- [Apache] Redirection http->https
  - From: Frédéric Marécaille <genpashiro@lavabit.com>

Prev by Date: [Apache] Redirection http->https
Next by Date: probleme de droits suite à un montage nfs
Previous by thread: [Apache] Redirection http->https
Next by thread: Re: [Apache] Redirection http->https
Index(es):
- Date
- Thread