I have set up a simple server to test my TLS certificate; the TLS part works fine. I have my DNS through CloudFlare.
I would like the website to remain anonymous so I just changed the domain to "example.com".
Here is the code for the simple server:

    package main

    import (
        "log"
        "net/http"
    )

    var hostname = "example.com"
    var key = "/srv/ssl/" + hostname + "-2017.03.20.key"
    var cert = "/srv/ssl/ssl-bundle.crt"

    func main() {
        http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
            w.Write([]byte("TLS test"))
        })
        // go serveHTTP()
        // go redirectHTTP()
        serveHTTPS()
    }

    func serveHTTP() {
        if err := http.ListenAndServe(":80", nil); err != nil {
            log.Fatalf("ListenAndServe error: %v", err)
        }
    }

    func redirectHTTP() {
        err := http.ListenAndServe(":80", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
            http.Redirect(w, r, "https://"+hostname+r.RequestURI, http.StatusMovedPermanently)
        }))
        if err != nil {
            log.Fatalf("ListenAndServe error: %v", err)
        }
    }

    func serveHTTPS() {
        log.Fatal(http.ListenAndServeTLS(":443", cert, key, nil))
    }

Now if I run the server like this and go to https://example.com, then it does not work.
But if I change the part that lets me serve HTTP to this:

    go serveHTTP()
    // go redirectHTTP()
    serveHTTPS()

Then suddenly both HTTP and HTTPS work. So if I go to my site by typing in http://example.com and https://example.com, both work fine.
If I comment out go serveHTTP() and try to redirect HTTP to HTTPS like this:

    // go serveHTTP()
    go redirectHTTP()
    serveHTTPS()

Then I get this on my screen:
If I change back to this:

    // go serveHTTP()
    // go redirectHTTP()
    serveHTTPS()

And access the page not through the domain name, but through the IP address, I of course get a warning because the certificate is not issued to the IP address, but the domain name I use.
If I persist by clicking advanced and adding exception then it works.
So actually it is being served at port 443, but trying to access the page through the domain name, that lets it go through CloudFlare DNS, then it does not work.
Even if I only use CloudFlare as "DNS only" it still does not matter:
Or if I change to proxy, still the same:
I have turned off cache and I use developer mode so that I should get "real time responses" from my server.
So to summarize, since I have my DNS through CloudFlare, CloudFlare does not let me serve HTTPS without HTTP. I need both HTTP and HTTPS without HTTP redirect. This is really weird and I have no idea how to fix this. The server serves through 443 because, as I showed, if I try to access the page through the IP address and add a security exception, the page is actually being served.
What can I do?
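
Added example, not part of the original post: a logging wrapper for the server above that records, for every request, whether it reached the process over TLS or plain HTTP and what X-Forwarded-Proto says, so each of the setups described can be checked from the server's side. The names classify and logged and the X-Arrival response header are hypothetical; the certificate paths are the ones from the post.

```go
package main

import (
	"fmt"
	"log"
	"net/http"
)

// Paths as given in the post.
var hostname = "example.com"
var key = "/srv/ssl/" + hostname + "-2017.03.20.key"
var cert = "/srv/ssl/ssl-bundle.crt"

// classify (hypothetical helper) names how a request reached this process.
// X-Forwarded-Proto can be set by any client, so use it for diagnosis only,
// never for an access decision.
func classify(viaTLS bool, forwardedProto string) string {
	switch {
	case viaTLS:
		return "tls-to-origin" // the TLS handshake ended at this server
	case forwardedProto == "https":
		return "proxy-terminated-tls" // client used HTTPS, a proxy reached us on plain HTTP
	default:
		return "plain-http"
	}
}

// logged wraps a handler, logs one line per request and echoes the result
// in the hypothetical X-Arrival header so it is visible from the browser.
func logged(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		kind := classify(r.TLS != nil, r.Header.Get("X-Forwarded-Proto"))
		log.Printf("%s host=%q remote=%s uri=%q", kind, r.Host, r.RemoteAddr, r.RequestURI)
		w.Header().Set("X-Arrival", kind)
		next.ServeHTTP(w, r)
	})
}

func main() {
	mux := http.NewServeMux()
	mux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
		fmt.Fprintln(w, "TLS test")
	})
	go func() { log.Fatal(http.ListenAndServe(":80", logged(mux))) }()
	log.Fatal(http.ListenAndServeTLS(":443", cert, key, logged(mux)))
}
```

A request for https://example.com that is logged as proxy-terminated-tls arrived on port 80, which is the listener that redirectHTTP would answer with another redirect to HTTPS.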