Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230

 

 

 

SSL question

New to Debian (Or Linux in general)? Ask your questions here!
Post Reply
Message
Author
epanagio
Posts: 1
Joined: 2018-11-04 17:05

SSL question

#1 Post by epanagio »

I inherited a server that lighttpd and also has an ssl certificate installed.
The certificate is expiring soon and I tried to update it, but I don't have the expertise to do it and I'm completely lost.
Is there a way to stop ssl from running, basically ignoring the certificate, and run on http?
I tried redirecting the traffic:

$HTTP["host"] == "domain-name" {
url.redirect = (".*" => "domain-name$0")
}

but when I go to http://domain-name I get redirected to https://domain-name

I also tried to disable ssl by changing ssl.engine = "enable" to ssl.engine = "disable", but this didn't work either.

$SERVER["socket"] == ":443" {
protocol = "https://"
ssl.engine = "enable"
ssl.pemfile = "/etc/ssl/private/notsure.pem"
ssl.ca-file = "/etc/ssl/private/gd_bundle-g2-g1.crt"
ssl.dh-file = "/etc/ssl/private/dhparam.pem"
ssl.ec-curve = "secp384r1"
ssl.cipher-list = "EECDH+AESGCM:EDH+AESGCM:AES128+EECDH:AES128+EDH"
ssl.use-sslv2 = "disable"
ssl.use-sslv3 = "disable"
$HTTP["scheme"] == "https" {
setenv.add-response-header = ("Strict-Transport-Security" => "max-age=259200; includeSubDomains",
"X-Frame-Options" => "SAMEORIGIN",
"X-XSS-Protection" => "1" )
}

Then, I figured that if I comment the entire $SERVER["socket"] == ":443" {...} section that would disable ssl, but that didn't work either.

HELP!!!!!!!

How do I disable ssl?
Top
TonyT
Posts: 575
Joined: 2006-09-04 11:57

Re: SSL question

#2 Post by TonyT »

I inherited a server that lighttpd and also has an ssl certificate installed.
The certificate is expiring soon and I tried to update it, but I don't have the expertise to do it and I'm completely lost.
Your question should be "how do I update the ssl cert?"
Top
reinob
Posts: 1195
Joined: 2014-06-30 11:42
Has thanked: 99 times
Been thanked: 47 times

Re: SSL question

#3 Post by reinob »

TonyT wrote:
I inherited a server that lighttpd and also has an ssl certificate installed.
The certificate is expiring soon and I tried to update it, but I don't have the expertise to do it and I'm completely lost.
Your question should be "how do I update the ssl cert?"
Or, alternatively, how do I replace my ssl certificate with a letsencrypt certificate? :)
Top
User avatar
debiman
Posts: 3063
Joined: 2013-03-12 07:18

Re: SSL question

#4 Post by debiman »

Or, alternatively, how do I replace my expiring ssl certificate with a valid certificate? :)
Top
Post Reply

Return to “Beginners Questions”