diff options
| author | Wojtek Porczyk <[email protected]> | 2022-10-18 23:03:37 +0200 |
|---|---|---|
| committer | GitHub <[email protected]> | 2022-10-19 00:03:37 +0300 |
| commit | 3d109453c6def4c30b32e360668693f98339798e (patch) | |
| tree | 211303b3c8a7c7f50c0e9414a7592c47bf3ece9e /configs/nginx/redirect-to-https.conf | |
| parent | 1a8546305d82595f6fe20fb7b6f8da04d5b717c4 (diff) | |
nginx: serve ACME challenges over unencrypted HTTP (#116)
RFC 8555 section 8.3 [1] states HTTP challenge MUST be served over TCP
port 80 and while the verification follows redirects, those are unneed
and migh be harmful in specific deployment scenarios.
[1] https://datatracker.ietf.org/doc/html/rfc8555#section-8.3
Signed-off-by: Wojtek Porczyk <[email protected]>
Diffstat (limited to 'configs/nginx/redirect-to-https.conf')
| -rw-r--r-- | configs/nginx/redirect-to-https.conf | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/configs/nginx/redirect-to-https.conf b/configs/nginx/redirect-to-https.conf index 7cf185dd..385fb49a 100644 --- a/configs/nginx/redirect-to-https.conf +++ b/configs/nginx/redirect-to-https.conf @@ -1 +1,3 @@ -return 301 https://$host$request_uri; +location / { + return 301 https://$host$request_uri; +} |