I am using Apache using Docker on AWS. The Apache listens on port 80 and serves HTTP.
The Apache is behind an AWS ELB load balancer, which listens only on port 443 serving HTTPS.
When I request https://example.com/foo/ (with trailing slash) it works fine, my content is served.
When I request https://example.com/foo (without trailing slash) it redirects to http://example.com/foo/ – that is to say it adds the trailing slash (correctly) but redirects from HTTPS to HTTP (incorrect).
What can I do about that?
My Dockerfile is
FROM httpd:2.4
COPY . /usr/local/apache2/htdocs/
When I do the request via curl:
$ curl -v https://example.com/foo
* Trying 1.2.3.4...
* TCP_NODELAY set
* Connected to example.com (1.2.3.4) port 443 (#0)
* TLS 1.2 connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* Server certificate: example.com
* Server certificate: Amazon
* Server certificate: Amazon Root CA 1
* Server certificate: Starfield Services Root Certificate Authority - G2
> GET /foo HTTP/1.1
> Host: example.com
> User-Agent: curl/7.54.0
> Accept: */*
>
< HTTP/1.1 301 Moved Permanently
< Date: Tue, 28 Nov 2017 09:17:26 GMT
< Content-Type: text/html; charset=iso-8859-1
< Content-Length: 247
< Connection: keep-alive
< Server: Apache/2.4.29 (Unix)
< Location: http://example.com/foo/
<
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://example.com/foo/">here</a>.</p>
</body></html>
* Connection #0 to host example.com left intact
Thanks in advance.
Best Answer
This is your back-end Apache speaking. It doesn't understand your client is using HTTPS and does the redirection as it was working standalone. Without providing any of your configuration it's hard to tell how the redirection is done, but you have to modify it to redirect to the
https://
, instead.This (not the but a) solution from AWS knowledge center may guide you a step forward. While the original issue is a bit different, the provided resolution probably applies to this case, too.