SSL question

New to Debian (Or Linux in general)? Ask your questions here!

SSL question

Postby epanagio » 2018-11-05 07:29

I inherited a server that lighttpd and also has an ssl certificate installed.
The certificate is expiring soon and I tried to update it, but I don't have the expertise to do it and I'm completely lost.
Is there a way to stop ssl from running, basically ignoring the certificate, and run on http?
I tried redirecting the traffic:

$HTTP["host"] == "domain-name" {
url.redirect = (".*" => "domain-name$0")
}

but when I go to http://domain-name I get redirected to https://domain-name

I also tried to disable ssl by changing ssl.engine = "enable" to ssl.engine = "disable", but this didn't work either.

$SERVER["socket"] == ":443" {
protocol = "https://"
ssl.engine = "enable"
ssl.pemfile = "/etc/ssl/private/notsure.pem"
ssl.ca-file = "/etc/ssl/private/gd_bundle-g2-g1.crt"
ssl.dh-file = "/etc/ssl/private/dhparam.pem"
ssl.ec-curve = "secp384r1"
ssl.cipher-list = "EECDH+AESGCM:EDH+AESGCM:AES128+EECDH:AES128+EDH"
ssl.use-sslv2 = "disable"
ssl.use-sslv3 = "disable"
$HTTP["scheme"] == "https" {
setenv.add-response-header = ("Strict-Transport-Security" => "max-age=259200; includeSubDomains",
"X-Frame-Options" => "SAMEORIGIN",
"X-XSS-Protection" => "1" )
}

Then, I figured that if I comment the entire $SERVER["socket"] == ":443" {...} section that would disable ssl, but that didn't work either.

HELP!!!!!!!

How do I disable ssl?
epanagio
 
Posts: 1
Joined: 2018-11-04 17:05

Re: SSL question

Postby TonyT » 2018-11-05 11:47

I inherited a server that lighttpd and also has an ssl certificate installed.
The certificate is expiring soon and I tried to update it, but I don't have the expertise to do it and I'm completely lost.

Your question should be "how do I update the ssl cert?"
TonyT
 
Posts: 548
Joined: 2006-09-04 11:57

Re: SSL question

Postby reinob » 2018-11-06 08:39

TonyT wrote:
I inherited a server that lighttpd and also has an ssl certificate installed.
The certificate is expiring soon and I tried to update it, but I don't have the expertise to do it and I'm completely lost.

Your question should be "how do I update the ssl cert?"


Or, alternatively, how do I replace my ssl certificate with a letsencrypt certificate? :)
reinob
 
Posts: 560
Joined: 2014-06-30 11:42

Re: SSL question

Postby debiman » 2018-11-07 06:31

Or, alternatively, how do I replace my expiring ssl certificate with a valid certificate? :)
User avatar
debiman
 
Posts: 3017
Joined: 2013-03-12 07:18


Return to Beginners Questions

Who is online

Users browsing this forum: No registered users and 7 guests

fashionable