When checking for https HSTS compliance on htstpreload.org I get a warning
> We cannot connect to https://example.net using TLS ("Get https://example.net: http: server gave HTTP response to HTTPS client").
And I do not understand how this can be. The page in questions loads as https with a valid cert and the http query is set to redirect to https
<VirtualHost ip.ad.re.ss:443>
ServerName www.example.net
ServerAlias foo.example.net
ServerAlias example.net
DocumentRoot /usr/local/www/example/
DirectoryIndex index.html
ProxyPassMatch ^/(.*\.php)$ fcgi://127.0.0.1:9000/usr/local/www/example/$1
SSLEngine on
SSLCertificateFile /usr/local/etc/dehydrated/certs/example.net/cert.pem
SSLCertificateKeyFile /usr/local/etc/dehydrated/certs/example.net/privkey.pem
SSLCertificateChainFile /usr/local/etc/dehydrated/certs/example.net/chain.pem
SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLHonorCipherOrder on
SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
#SSLUseStapling On
Header always set Strict-Transport-Security "max-age=15638400; includeSubdomains;"
Header always set X-Frame-Options DENY
Alias /.well-known/ /usr/local/www/.well-known/
</VirtualHost>
<VirtualHost *:80>
ServerName www.example.net
ServerAlias foo,example.net
ServerAlias example.net
ServerAlias webmail.example.net
Redirect / https://www.example.net/
Alias /.well-known/ /usr/local/www/.well-known/
</VirtualHost>
--
Last night I stayed up late playing poker with Tarot cards. I got a
full house and four people died.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|