A request to https returns 301 and is re-directed to http with an explicit port 80

[Cloudflare Newbie]

What happens:
I enter a valid https URL in the browser (Chrome, Firefox), and the browser responds with sent an invalid response. ERR_SSL_PROTOCOL_ERROR
The URL in the browser has been changed to include an explicit port 80.

Network diagnostics from Chrome:

Request URL: https://hilltopbarn.net/xmas
Request Method: GET
Status Code: 301 (from disk cache)
Remote Address:
Referrer Policy: strict-origin-when-cross-origin

**Response headers**
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 775cf170cc69dc35-LHR
content-type: text/html; charset=iso-8859-1
date: Wed, 07 Dec 2022 11:32:52 GMT
location: https://hilltopbarn.net:80/xmas/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lCDZl0QkbSz%2BRSW%2FGve8qlluVypBOnj3zkUd%2Fr933IAQ%2FrZcHK%2FKks5%2FCPmbfmagg822t2rM%2FSXlLnOxNnZfSwpNcbQ550xnH9eIrM4yHhogIB90%2B1KXNHSo%2BOPIsotYnnU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

If I then manually edit the URL, removing the :80, the next GET from the browser works.

Substituting the explicit IP of the origin in the URL works.

Using just the domain name in the URL also works, responding with a 200. Clicking on the xmas link in the returned page also works.

Request URL: https://hilltopbarn.net/
Request Method: GET
Status Code: 200 (from disk cache)
Remote Address:
Referrer Policy: strict-origin-when-cross-origin

Response headers
alt-svc:h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray: 774c38d47866dcdb-LHR
content-encoding: gzip
content-type: text/html
date: Mon, 05 Dec 2022 10:50:38 GMT
last-modified: Tue, 28 Dec 2021 08:33:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xCU7w2qv2fczCSmAzTIKixknBW6hdQbxQz%2FlMleqzK9uUhBgvnNmyRPjm85qZL0MgMbAlZzKwAZCgMNz9SMICgqQk2kFrnFaTfu0YkItrZV%2FB8h2c%2BVgx7ix1QoWJq2B0bg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Changing SSL/TLS between Dynamic and Full(strict) doesn’t seem to make any difference. The origin has LetsEncrypt certificates.

You should always use Full Strict, as any other encryption mode does not provide proper security.

As for your issue, this redirect comes straight from your host. You best pause Cloudflare for now - Pause Cloudflare · Cloudflare Fundamentals docs - and make sure your site loads fine when connecting to your server. Once that works, it should also work on Cloudflare.

Currently, it actually seems to work fine.

It probably was a browser cache issue.

Make sure you are on Full Strict and the configuration should be actually all right.

Thanks for the input Sandro.
I did a bit more investigation and the issue seems to be how Cloudflare treats this URL that doesn’t end with the forward slash character.
If I type the URL with trailing slash all is good.
However the same URL without the trailing slash doesn’t work - > responds with 301.
I have tried purging the Cloudflare cache, did’t seem to make a difference.

As mentioned, it will be a browser issue, on Cloudflare’s side it works all right.

$ curl -i https://hilltopbarn.net/xmas
HTTP/2 301
location: https://hilltopbarn.net/xmas/

yes, clearing broswer cache helped :wink:

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.