0
I’m trying to publish a website that’s on an internal network host. The goal is that when we access from the local network http://ipinterno, the site opens normally. I also need to publish this site for external access, to be accessed via https. We only have a Fixed IP. I made a NAT, for everything that arrive in IPWAN in port XXXXX, redirect to port 443 of Ipinterno. However, the redirection within Apache is not correct. I installed and configured the ssl mod to work https.
Follow the contents of my ssl file:
/etc/httpd/conf.d/site-ssl.conf
LoadModule ssl_module modules/mod_ssl.so
Alias /owncloud "/var/www/html/owncloud/"
Listen 443
<VirtualHost *:80>
ServerName 172.16.16.6
#Redirect / https://IPWAN:60004/owncloud
</VirtualHost>
<VirtualHost *:443>
ServerName IPWAN
Redirect / https://IPWAN:60004/owncloud
SSLEngine on
SSLCertificateFile /etc/ssl/apache/owncloud.crt
SSLCertificateKeyFile /etc/ssl/apache/owncloud.key
DocumentRoot /var/www/html/owncloud
</VirtualHost>
When I try to access, I get this error in Chrome: ERR_TOO_MANY_REDIRECTS Could someone give me a hint ?
You say you redirect from the outside to the 443, but then the person arrives at the 443 and you redirect again to 60004. Then it will be in loop even.
– Bacco
Hello Bacco. Thanks for your help. Could you help me fix this setup ? With the configuration below, I arrive at port 443, says the certificate is not valid, ignore and continue. However the page does not open, because the internal IP appears in the browser address:
– Ricardo
Loadmodule ssl_module modules/mod_ssl.so Alias /owncloud "/var/www/html/owncloud/" Listen 443 <Virtualhost *:80> Servername 172.16.16.6 </Virtualhost> <Virtualhost *:60004> Servername 187.58.241.138 </Virtualhost>#Xa;<Virtualhost *:443> Servername 187.58.241.138 #Redirect / https://187.58.241.138/owncloud Sslengine on Sslcertificatefile /etc/ssl/apache/owncloud.crt Sslcertificatekeyfile /etc/ssl/apache/owncloud.key Documentroot /var/www/html/owloud </Virtualhost>
– Ricardo
@Bacco, I was able to resolve the issue when I arrived by the WAN at port 443 he was redirecting to the internal IP. In Owncloud config.php I added WAN IP in trusted_domains. It is possible to use ssl on a port other than 443 ?
– Ricardo
yes, it is enough that the address is accessed with https:// - the advantage of using conventional ports (80 and 443) is that you do not need by the number, the fact that it is http or https selects each one. The only thing that changes when you use non-standard is having to say the number next to the protocol. In your case, you set the 60004 only for https. If you want to use both protocols, you will need 2 ports of any shape.
– Bacco
In apache who says whether it is https or not is Sslengine on, the port is irrelevant.
– Bacco
@Bacco, Thanks for the help. Already helped me a lot. How do I score or mark as finished the topic ?
– Ricardo
If you want, you can post in the field of responses, below, your solution, and mark as accepted. But if you think the situation has turned out to be very different from what you were asked, it might be more interesting to delete the question only. Usually when it is something that many people can take advantage of doubt, the incentive is to leave on the site. When it is a very specific thing, which only serves for a case, it may be better to take. See how you prefer.
– Bacco
To use SSL over another port, in the . conf virtualhos file, I added this line: Listen 60004 https. I added also: <Virtualhost default:60004> Now SSL runs over port 60004.
– Ricardo