1. Forum
  2. Usenet Intenat
  3. ALT.BBS.SYNCHRONET

  • HTTPS

    From dragon@1:229/2 to All on Friday, October 25, 2019 19:20:07
    From: dragon@IPTIA.remove-6ok-this

    To: Digital Man
    Also, how do I redirect HTTP users to HTTPS. I know how to do all of these things with Apache and IIS.

    ---
    þ Synchronet þ IPTIA - bbs2.ipingthereforeiam.com
    --- Synchronet 3.17c-Win32 NewsLink 1.111
    * Vertrauen - Riverside County, California - telnet://vert.synchro.net

    --- SoupGate-Win32 v1.05
    * Origin: www.darkrealms.ca (1:229/2)
  • From Digital Man@1:229/2 to All on Friday, October 25, 2019 17:56:47
    From: digital.man@vert.synchro.net.remove-1ra-this

    To: dragon
    Re: HTTPS
    By: dragon to Digital Man on Fri Oct 25 2019 06:20 pm

    Also, how do I redirect HTTP users to HTTPS. I know how to do all of these things with Apache and IIS.

    You need to create a webctrl.ini file, the documentation for which is here: http://wiki.synchro.net/server:web

    I don't think there's a clear URL rewrite example there, but if you figure it out, it'd be nice if you could add a good example to the wiki page.

    digital man

    Synchronet "Real Fact" #66:
    Synchronet was conceived of and mostly developed in southern California.
    Norco, CA WX: 92.6øF, 10.0% humidity, 3 mph SE wind, 0.00 inches rain/24hrs
    --- Synchronet 3.17c-Win32 NewsLink 1.111
    * Vertrauen - Riverside County, California - telnet://vert.synchro.net

    --- SoupGate-Win32 v1.05
    * Origin: www.darkrealms.ca (1:229/2)
  • From dragon@1:229/2 to All on Saturday, October 26, 2019 19:47:13
    From: dragon@IPTIA.remove-t7g-this

    To: Digital Man
    The wiki is clear as mud and I got absolutely nowhere with that.

    So, I tried to follow the wiki entry for installing a Let'sEncrypt cert with similar results.

    NOW, no matter what I do, whenever I try to load my webv4 page via HTTPS, I get a hung fTelnet window and the Control Panel reports "1248 TLS ERROR 'Received TLS Alert: Bad certificate' (-1) popping data"

    This is more than a little frustrating.

    Is there an experienced sysop here willing to help a doofus out?

    I want to protect my web interface with HTTPS and force users to use it over plain HTTP. Is that a lot to ask? It IS considered "best practice" for web interfaces these days.

    ---
    þ Synchronet þ IPTIA - bbs2.ipingthereforeiam.com
    --- Synchronet 3.17c-Win32 NewsLink 1.111
    * Vertrauen - Riverside County, California - telnet://vert.synchro.net

    --- SoupGate-Win32 v1.05
    * Origin: www.darkrealms.ca (1:229/2)
  • From Digital Man@1:229/2 to All on Saturday, October 26, 2019 17:44:09
    From: digital.man@vert.synchro.net.remove-z49-this

    To: dragon
    Re: HTTPS
    By: dragon to Digital Man on Sat Oct 26 2019 06:47 pm

    The wiki is clear as mud and I got absolutely nowhere with that.

    So, I tried to follow the wiki entry for installing a Let'sEncrypt cert with similar results.

    NOW, no matter what I do, whenever I try to load my webv4 page via HTTPS, I get a hung fTelnet window and the Control Panel reports "1248 TLS ERROR 'Received TLS Alert: Bad certificate' (-1) popping data"

    This is more than a little frustrating.

    It sounds like you're changing the subject from http-redirect-to-https now to a
    LetSyncrypt issue.

    Is there an experienced sysop here willing to help a doofus out?

    Here and likely in #synchronet on irc.synchro.net

    I want to protect my web interface with HTTPS and force users to use it over plain HTTP. Is that a lot to ask?

    It shouldn't be.

    It IS considered "best practice" for web interfaces these days.

    Sure, but I don't really see any reason to *force* the user to use https over http. Especially if you allow Telnet logins, they're certainly less secure than
    http-auth.


    digital man

    Synchronet "Real Fact" #43:
    Synchronet added Baja/PCMS support with v2.00a (1994).
    Norco, CA WX: 85.1øF, 15.0% humidity, 8 mph E wind, 0.00 inches rain/24hrs
    --- Synchronet 3.17c-Win32 NewsLink 1.111
    * Vertrauen - Riverside County, California - telnet://vert.synchro.net

    --- SoupGate-Win32 v1.05
    * Origin: www.darkrealms.ca (1:229/2)
  • From Glenn Rossi@1:229/2 to All on Saturday, October 26, 2019 21:10:15
    From: glenn.rossi@1:275/301.remove-ny7-this

    To: Digital Man
    I removed all of the LetsEncrypt stuff I tried and restored a backup. I'm currently mainly concerned about the TLS error and the inability to use HTTPS at all to access fTelnet, so HTTPS is still a good subject.

    As for forcing HTTPS and telnet being inherently unsecure, that's kind of the point of what I'm trying to do. I want to limit access to my board to SSH and HTTPs, disabling HTTP, telnet, rlogin, etc. I might even go with HTTPS only. --- SBBSecho 3.10-Win32
    * Origin: IPTIA BBS 1:275/301 bbs2.ipingthereforeiam.com (1:275/301)
    --- Synchronet 3.17c-Win32 NewsLink 1.111
    * Vertrauen - Riverside County, California - telnet://vert.synchro.net

    --- SoupGate-Win32 v1.05
    * Origin: www.darkrealms.ca (1:229/2)