{"id":263,"date":"2016-04-03T12:03:49","date_gmt":"2016-04-03T10:03:49","guid":{"rendered":"http:\/\/mmed.roulleau.net\/?p=263"},"modified":"2016-04-03T12:03:49","modified_gmt":"2016-04-03T10:03:49","slug":"auto-hebergement-lets-encrypt-et-redirection-https","status":"publish","type":"post","link":"https:\/\/mmed.roulleau.net\/?p=263","title":{"rendered":"Auto-h\u00e9bergement, Let&rsquo;s Encrypt, et redirection HTTPS"},"content":{"rendered":"<p>Let&rsquo;s Encrypt, c&rsquo;est une initiative formidable pour permettre l&rsquo;auto-h\u00e9bergement dans de bonnes conditions.<br \/>\nEnfin des certificats valides pour nos serveurs !<\/p>\n<p>Du coup, on peut avoir la tentation (l\u00e9gitime, et m\u00eame logique) de vouloir rediriger tout  le trafic HTTP vers HTTPS.<br \/>\nMais attention, car si vous souhaitez utiliser les solutions \u00ab\u00a0automatiques\u00a0\u00bb, y compris pour le renouvellement de vos certificats, vous ne pouvez pas rediriger tout HTTP : en effet, Let&rsquo;s Encrypt effectue des requ\u00eates HTTP pour valider vos domaines&#8230;<\/p>\n<p>Je vous conseille donc d&rsquo;utiliser dans vos h\u00f4tes virtuels :80 la directive suivante :<br \/>\n<code>RedirectMatch ^\/(?!.well-known)(.*)$ https:\/\/votre-site<\/code><\/p>\n<p>D&rsquo;ailleurs, il s&rsquo;agit de la seule directive n\u00e9cessaire (\u00e0 part bien s\u00fbr ServerName) dans le bloc VirtualHost :80 de Apache.<\/p>\n<p>Qui aura pour effet de tout rediriger, sauf les requ\u00eates n\u00e9cessaires \u00e0 Let&rsquo;s Encrypt (qui commencent par well-known)<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Let&rsquo;s Encrypt, c&rsquo;est une initiative formidable pour permettre l&rsquo;auto-h\u00e9bergement dans de bonnes conditions. Enfin des certificats valides pour nos serveurs ! Du coup, on peut avoir la tentation (l\u00e9gitime, et m\u00eame logique) de vouloir rediriger tout le trafic HTTP vers HTTPS. Mais attention, car si vous souhaitez utiliser les solutions \u00ab\u00a0automatiques\u00a0\u00bb, y compris pour le [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[8],"tags":[],"_links":{"self":[{"href":"https:\/\/mmed.roulleau.net\/index.php?rest_route=\/wp\/v2\/posts\/263"}],"collection":[{"href":"https:\/\/mmed.roulleau.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mmed.roulleau.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mmed.roulleau.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mmed.roulleau.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=263"}],"version-history":[{"count":0,"href":"https:\/\/mmed.roulleau.net\/index.php?rest_route=\/wp\/v2\/posts\/263\/revisions"}],"wp:attachment":[{"href":"https:\/\/mmed.roulleau.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=263"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mmed.roulleau.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=263"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mmed.roulleau.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=263"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}