8

I'm trying to get apache to redirect from http to https, however I want them both on the same port (20100, but I doubt that will matter). Basically what's going on here except I'm not doing this for webmin. Currently I have it configured to serve HTTPS, and when I access with HTTP I get:

Your browser sent a request that this server could not understand.
Reason: You're speaking plain HTTP to an SSL-enabled server port.
Instead use the HTTPS scheme to access this URL, please.

There seem to be a lot of somewhat similar questions, however I am unable to find one that actually answers my question.

Community
  • 1
Finn
  • 223
  • 1
  • 2
  • 8
  • 1
    For those who find this question through Google: Serving both HTTP and HTTPS on the same port is totally possible — see https://github.com/mscdex/httpolyglot . The highly-voted negative answers are just saying that it's just not necessarily solvable using _only_ Apache and no other tools at all. – Quuxplusone Mar 16 '20 at 21:42

2 Answers2

16

This is not going to be possible with Apache. With Apache you cannot have HTTPS and HTTP running on the same port.

I am aware of a few port-multiplexers designed to make HTTPS/OpenVPN and SSH run on the same port, but these require additional software.

rustyx
  • 1,676
  • 3
  • 21
  • 30
Zoredache
  • 130,897
  • 41
  • 276
  • 420
  • Damn. Oh well. Would it be possible to have apache simply redirect to the HTTPS version of the page from the HTTP version? – Finn Feb 13 '12 at 11:35
  • Sure. do a quick search here there are many questions that cover that. – Zoredache Feb 13 '12 at 15:37
  • Yeah so I've discovered, however they all assume that you're running http on port 80 and https on port 443. None (that i could find) work for to redirect http requests to https on the same port. – Finn Feb 13 '12 at 19:53
  • 2
    @thefinn93 The same port still won't work in Apache, regardless of what you're trying to answer with - a full page or a redirect. You need software in front of the listener that can make decisions on request routing based on the protocol the client sends - HAProxy may do the trick. But why go through all this effort - why not just use a different port? – Shane Madden Feb 13 '12 at 23:24
  • Alright. I assumed since apache was able to serve up *something* on that page it should be able to serve up redirect. Oh well, not really that important. Thanks! – Finn Feb 14 '12 at 03:12
  • @Zoredache I tweaked your post slightly and added a note that the second link is dead now. But SSLH is an awesome find! – rustyx Aug 09 '16 at 19:20
  • It looks like there's another one here: https://github.com/robertklep/node-port-mux – mwfearnley May 22 '18 at 10:39
1

This can be archived by redirecting to a custom "400 - Bad Request" page and modify the redirection with a rewrite rule. In the following example i request

http://test.mydomain.com:27000

and get redirected to

https://test.mydomain.com:27000

with one virtual host.

Code:

ErrorDocument 400 /

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^/?(.*) https://%{SERVER_NAME}:27000/$1 [R,L]

Or you simply redirect directly to the HTTPS version of the page.

Code:

 ErrorDocument 400 https://test.mydomain.com:27000

But you will loose the ability to redirect on a real "Bad Request" page.

rdX
  • 11
  • 2
  • Didn't want to vote down on this answer, but this approach doesn't work with Apache 2.4.51 – Mladen B. Dec 05 '21 at 08:15
  • i have the second code line successfully running for years on a Apache/2.4.7 (Ubuntu) – rdX Dec 06 '21 at 10:40
  • Maybe your older version is responding with an other error code? If its 500 you just need to change the line. – rdX Dec 06 '21 at 10:48
  • 2.4.51 is the currently latest Apache version – Mladen B. Dec 07 '21 at 03:06
  • sry i meant your newer version responds with a different error code. I tested the second code line right now on Apache/2.4.51 (Unix) and it's working perfecly. – rdX Dec 08 '21 at 06:27