0

I'm building an HTTP server in C++ using the Cesanta Mongoose c++ networking library. Essentially I'm trying to redirect traffic from my web browser to a proxy on the localhost. I recently added support for HTTPS by purchasing a certificate and domain and following the instructions to enable ssl with mongoose (https://cesanta.com/docs/http/ssl.html). The server is now listening on port 443, and it runs fine. I've configured my web browser to direct HTTPS requests to localhost:443, but it doesn't appear to be triggering the HTTP server. When my server is listening on port 8080 and the web browser is configured to send requests to localhost:8080, it triggers the web browser, but it doesn't support https. Is there something wrong with configuring the web browser to send requests to localhost:443?

ageispolis
  • 1
  • Did you check that your OS doesn’t prevent you from listening on restricted ports? The example code doesn’t use port 8443 just for fun. – Mikael H Dec 05 '19 at 05:42
  • @Mikael H Unfortunately I tried sending the requests to localhost:8443, but I get the same problem. No trigger/events happening. I think this is because 8443 was meant for secure access to Tomcat. As for ports 80 and 443, I have a feeling it has something to do with the fact that they need root access; I can listen on those ports but only with root. – ageispolis Dec 05 '19 at 20:06
  • Unless you also have Tomcat (or some other software) bound to port 8443 on the same server, you shouldn't have any problem asking your own server to listen on that port (or any other port >1024 for that matter). But yes, you're correct that ports <1024 need root access in normal cases. Better keep it that way for now. A quick way to test whether your server attempts a TLS handshake is by running `openssl s_client -connect host:port` against it. – Mikael H Dec 05 '19 at 22:00
  • @Mikael H Did this, the connection actually succeeds, but I think I've realized the culprit - my certificate is self-signed. Trying to send legitimate HTTPS requests to a server with a self-signed certificate will fail, no? – ageispolis Dec 05 '19 at 23:30
  • The verification of a self-signed certificate will fail unless you’ve told your client to trust it, yes. Look up how to create a local CA and trust its root certificate if you haven’t already got one in your organization, or simply request a free certificate from Let’s Encrypt and have your server use that. – Mikael H Dec 06 '19 at 05:29

0 Answers0