HTTP Auth over SSL

t121anf · World Chat Champion Joined: 23 Feb 2007 Karma :

I'm trying to setup a test webserver which I need to run webdav on, the OS being used is Debian as I'm told by the internet it's the closest to Raspbian which I plan to us when I have tested it out.

So far, I've installed the OS, Apache and webdav using basic http authentication.

So far so good, I can update the files on in webdav folder via various methods.

However I need SSL for an app I want to use, i've created a self signed cert* and applied it to apache. Browsers moan it's insecure but traffic is going over SSL.

The problem is once I add SSL, web auth stops working. If I go to my server via http returns an error about expecting https (400 bad request). Going via https I see my site/file but no authentication.

Can anyone advise on how to setup apache to use SSL and then authentication?

*for the live server I plan to use LetsEncrypt

t121anf · World Chat Champion Joined: 23 Feb 2007 Karma :

I think I've solved the issue.

This line in the conf
<VirtualHost *:80>

needed to be updated to
<VirtualHost *:443>

initial tests show datestamps matching my edits, i.e. edit at 00:40 in web app, file on the server changes to 00:40 and so on.

Slight issue that my desktop app has now stopped talking to the files on the web server but I'll look at that tomorrow*

*or today, it's late, time for bed.

- · Super Spammer Joined: 22 Oct 2013 Karma :

undefined · Derestricted Danger Joined: 09 Mar 2017 Karma :

I know you've already solved the problem but for the sake of completeness, you can always add in a permanent redirect to catch the times you/users forget to use the right protocol:

t121anf · World Chat Champion Joined: 23 Feb 2007 Karma :

Thanks for that, I'd need it anyway when I put this into a live environment (can't at present wife is running a campaign this month)