Differences

This shows you the differences between two versions of the page.

--- openbsd:openhttpd [2019/11/10 11:46]
jrmu
+++ — (current)
@@ Line 1: / Line 1: @@
-Setting up OpenBSD's default web server, openhttpd, is relatively simple. Start off by copying the example file in /etc/examples/httpd.conf:
-<code>
-$ doas cp /etc/examples/httpd.conf /etc/httpd.conf
-</code>
-Here is what /etc/httpd.conf contains:
-<code>
-server "example.com" {
-        listen on * port 80
-        location "/.well-known/acme-challenge/*" {
-                root "/acme"
-                request strip 2
-        }
-        location * {
-                block return 302 "https://$HTTP_HOST$REQUEST_URI"
-        }
-}
-server "example.com" {
-        listen on * tls port 443
-        tls {
-                certificate "/etc/ssl/example.com.fullchain.pem"
-                key "/etc/ssl/private/example.com.key"
-        }
-        location "/pub/*" {
-                directory auto index
-        }
-        location "/.well-known/acme-challenge/*" {
-                root "/acme"
-                request strip 2
-        }
-}
-</code>
-You must replace example.com everywhere with your domain name.
-Simply enable and start the web server:
-<code>
-$ doas rcctl enable httpd
-$ doas rcctl start httpd
-</code>
-Make sure pf allows incoming http connections:
-<code>
-pass in proto tcp to port {http https}
-</code>
-Now you will almost certainly want openhttpd to use an SSL cert, so follow the [[openbsd:acme-client|acme-client]] instructions, then reset your web server:
-<code>
-$ doas rcctl restart httpd
-</code>
-To test if your web server is working and has a correct SSL cert, run:
-<code>
-$ openssl s_client -connect example.com:443
-<code>
-You should see the correct SSL subject and issuer:
-<code>
-subject=/CN=test.ircnow.org
-issuer=/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
-</code>

IRCNow

Page Tools

Site Tools

User Tools

Differences