Questions tagged [https]

HTTPS stands for HTTP Secure and is a combination of HTTP and SSL/TLS (Secure Sockets Layer/Transport Layer Security) and is used to provide an encrypted connection to a website.

HTTPS connections are often used for payment transactions and for sensitive transactions in corporate systems. They are increasingly being used for social networking sites like Facebook and Twitter to help prevent identity theft etc.

HTTPS on Wikipedia

2454 questions
548
votes
11 answers

In Nginx, how can I rewrite all http requests to https while maintaining sub-domain?

I want to rewrite all http requests on my web server to be https requests, I started with the following: server { listen 80; location / { rewrite ^(.*) https://mysite.com$1 permanent; } ... One Problem is that this…
MikeN
  • 8,252
  • 5
  • 22
  • 18
254
votes
11 answers

Is it bad to redirect http to https?

I just installed an SSL Certificate on my server. It then set up a redirect for all traffic on my domain on Port 80 to redirect it to Port 443. In other words, all my http://example.com traffic is now redirected to the appropriate…
JasonDavis
  • 2,658
  • 6
  • 25
  • 32
226
votes
5 answers

nginx HTTPS serving with same config as HTTP

Is there a way to share configuration directives across two nginx server {} blocks? I'd like to avoid duplicating the rules, as my site's HTTPS and HTTP content are served with the exact same config. Currently, it's like this: server { listen 80; …
ceejayoz
  • 32,469
  • 7
  • 81
  • 105
157
votes
9 answers

Is it possible to generate RSA key without pass phrase?

I'm working with Apache2 and Passenger for a Rails project. I would like to create a self-signed SSL Certificate for testing purposes. sudo openssl rsa -des3 -in server.key -out server.key.new When i enter the above command, it says writing RSA…
diya
  • 1,723
  • 2
  • 13
  • 8
111
votes
4 answers

How to test a HTTPS URL with a given IP address

Let's say a website is load-balanced between several servers. I want to run a command to test whether it's working, such as curl DOMAIN.TLD. So, to isolate each IP address, I specify the IP manually. But many websites may be hosted on the server, so…
Martin
  • 3,315
  • 4
  • 19
  • 16
98
votes
8 answers

Properly setting up a "default" nginx server for https

I have several servers running on the same machine, some with http only, some with both http and https. There are several server blocks defined in separate files which are included from the main config file. I have set up a "default" server for…
Roar
79
votes
2 answers

Best way to redirect all HTTP to HTTPS in IIS

We want ALL sites on our webserver (IIS 10) to enforce SSL (ie redirect HTTP to HTTPS). We are currently 'Requiring SSL' on each site and setting up a 403 error handler to perform a 302 redirect to the https address for that specific site. This…
userSteve
  • 1,503
  • 4
  • 20
  • 32
76
votes
10 answers

Remove "www" and redirect to "https" with nginx

I want to create a rule in nginx that does two things: Removes the "www." from the request URI Redirects to "https" if the request URI is "http" There are plenty of examples of how to do each of those things individually, but I can't figure out a…
Devin
  • 883
  • 1
  • 8
  • 8
69
votes
4 answers

_default_ VirtualHost overlap on port 443, the first has precedence

I have two ruby on rails 3 applications running on same server, (ubuntu 10.04), both with SSL. Here is my apache config file: ServerName example1.com DocumentRoot…
Mohit Jain
  • 953
  • 2
  • 10
  • 15
59
votes
11 answers

Why do I need to purchase an SSL certificate when I can generate one locally?

I am having trouble understanding why we need to purchase SSL certificates when we can generate them locally using openSSL. What is the difference between the certificate I purchase and a test certificate I generate locally? Is it just a big scam?
S-K'
  • 1,281
  • 2
  • 11
  • 15
56
votes
4 answers

Connecting to HTTPS with netcat (nc)

I'm working on a homework assignment for my college course. The task is to fetch web pages on HTTPS using nc (netcat). To fetch a page over HTTP, I can simply do the following: cat request.txt | nc -w 5 80 In request.txt I have an HTTP…
Oto Brglez
  • 762
  • 1
  • 5
  • 9
53
votes
2 answers

Lets Encrypt with an nginx reverse proxy

Introduction I have a dev server (currently running Ubuntu 14.04 LTS), which I have been using for a while now for hosting various development tools on different ports. Because the ports can be hard to remember I have decided to to use port 80 for…
0x450
  • 633
  • 1
  • 6
  • 7
51
votes
3 answers

Proxy HTTPS requests to a HTTP backend with NGINX

I have nginx configured to be my externally visible webserver which talks to a backend over HTTP. The scenario I want to achieve is: Client makes HTTP request to nginx which is redirect to the same URL but over HTTPS nginx proxies request over…
Mike
  • 825
  • 2
  • 8
  • 10
49
votes
3 answers

How can I detect if a server is using SNI for HTTPS?

I'm looking for a simple way to know if a server is using the Server Name Indication SSL extension for its HTTPS certificate on a website. A method that uses either a browser or Unix command line is fine. Thanks!
spookylukey
  • 593
  • 1
  • 4
  • 6
47
votes
6 answers

Does HTTPS use TCP or UDP?

Does HTTPS use TCP or UDP?
Steven
  • 617
  • 2
  • 6
  • 7
1
2 3
99 100