Also, how do I redirect HTTP users to HTTPS. I know how to do all of these things with Apache and IIS.

---
þ Synchronet þ IPTIA - bbs2.ipingthereforeiam.com

Re: HTTPS
By: dragon to Digital Man on Fri Oct 25 2019 06:20 pm

Also, how do I redirect HTTP users to HTTPS. I know how to do all of these things with Apache and IIS.

You need to create a webctrl.ini file, the documentation for which is here: http://wiki.synchro.net/server:web

I don't think there's a clear URL rewrite example there, but if you figure it out, it'd be nice if you could add a good example to the wiki page.

digital man

Synchronet "Real Fact" #66:
Synchronet was conceived of and mostly developed in southern California.
Norco, CA WX: 92.6øF, 10.0% humidity, 3 mph SE wind, 0.00 inches rain/24hrs

---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

The wiki is clear as mud and I got absolutely nowhere with that.

So, I tried to follow the wiki entry for installing a Let'sEncrypt cert with similar results.

NOW, no matter what I do, whenever I try to load my webv4 page via HTTPS, I get a hung fTelnet window and the Control Panel reports "1248 TLS ERROR 'Received TLS Alert: Bad certificate' (-1) popping data"

This is more than a little frustrating.

Is there an experienced sysop here willing to help a doofus out?

I want to protect my web interface with HTTPS and force users to use it over plain HTTP. Is that a lot to ask? It IS considered "best practice" for web interfaces these days.

---
þ Synchronet þ IPTIA - bbs2.ipingthereforeiam.com

Re: HTTPS
By: dragon to Digital Man on Sat Oct 26 2019 06:47 pm

The wiki is clear as mud and I got absolutely nowhere with that.

So, I tried to follow the wiki entry for installing a Let'sEncrypt cert with similar results.

NOW, no matter what I do, whenever I try to load my webv4 page via HTTPS, I get a hung fTelnet window and the Control Panel reports "1248 TLS ERROR 'Received TLS Alert: Bad certificate' (-1) popping data"

This is more than a little frustrating.

It sounds like you're changing the subject from http-redirect-to-https now to a LetSyncrypt issue.

Is there an experienced sysop here willing to help a doofus out?

Here and likely in #synchronet on irc.synchro.net

I want to protect my web interface with HTTPS and force users to use it over plain HTTP. Is that a lot to ask?

It shouldn't be.

It IS considered "best practice" for web interfaces these days.

Sure, but I don't really see any reason to *force* the user to use https over http. Especially if you allow Telnet logins, they're certainly less secure than http-auth.


digital man

Synchronet "Real Fact" #43:
Synchronet added Baja/PCMS support with v2.00a (1994).
Norco, CA WX: 85.1øF, 15.0% humidity, 8 mph E wind, 0.00 inches rain/24hrs

---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

I removed all of the LetsEncrypt stuff I tried and restored a backup. I'm currently mainly concerned about the TLS error and the inability to use HTTPS at all to access fTelnet, so HTTPS is still a good subject.

As for forcing HTTPS and telnet being inherently unsecure, that's kind of the point of what I'm trying to do. I want to limit access to my board to SSH and HTTPs, disabling HTTP, telnet, rlogin, etc. I might even go with HTTPS only. --- SBBSecho 3.10-Win32
* Origin: IPTIA BBS 1:275/301 bbs2.ipingthereforeiam.com (1:275/301)
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net