2015-02-09 16:31 GMT+09:00 Daniel <dferradal@xxxxxxxxx>: > > > 2015-02-08 21:15 GMT+01:00 Yann Ylavic <ylavic.dev@xxxxxxxxx>: >> >> On Sun, Feb 8, 2015 at 9:03 PM, Yann Ylavic <ylavic.dev@xxxxxxxxx> wrote: >> > On Sun, Feb 8, 2015 at 7:36 AM, YUSUI T <yusui.tomikawa@xxxxxxxxx> >> > wrote: >> >> >> >> root@hostname:~# tail -n 6 /etc/apache2/mods-available/ssl.conf >> >> <VirtualHost *:443> >> >> ServerName www.mydomain.com >> >> Redirect / https://www.mydomain.com/ >> >> </VirtualHost> >> > >> > You probably want to redirect to https when the request is plain http, >> > hence : >> > <VirtualHost *:80> >> > above. >> >> Sorry, I completely misread your issue, please ignore this. >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx >> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx >> > > This is the list of virtualhosts you need. It could be reduced, but for > educational purposes here is how all virtualhosts should look to represent > your scenario more or less as I have understood you were asking. As you will > see there is no need for mod_rewrite at all for this case. > > I assumed you want to redirect port 80 to SSL too, if not, ignore the first > non-ssl virtualhost examples. > > ### > # domain.com port 80 redirects to SSL www.domain.com > <VirtualHost *:80> > ServerName domain.com > DocumentRoot /path/to/docroot > Redirect / https://www.domain.com/ > </VirtualHost> > > ### > # www.domain.com port 80 redirects to SSL www.domain.com > <VirtualHost *:80> > ServerName www.domain.com > DocumentRoot /path/to/docroot > Redirect / https://www.domain.com/ > </VirtualHost> > > ### > # domain.com port 443 SSL redirects to SSL www.domain.com > <VirtualHost *:443> > ServerName domain.com > DocumentRoot /path/to/docroot > SSLEngine on > SSLCertificateKeyFile /my/path/to/domain.com.key > SSLCertficicateFile /my/path/do/domain.com.crt > Redirect / https://www.domain.com/ > </VirtualHost> > > #### > # www.domain.com port 443 SSL > <VirtualHost *:443> > ServerName www.domain.com > DocumentRoot /path/to/docroot > SSLEngine on > SSLCertificateKeyFile /my/path/to/www.domain.com.key > SSLCertificateFile /my/path/do/www.domain.com.crt > > ### > # And your actual configuration from here on > </VirtualHost> > > > Hope this helps Thank you all so much for the help. I finally understand what it means, and it now works as expected thanks to the helps of everyone! Here's the configurations I want. root@hostname:~# cat /etc/apache2/sites-available/000-default.conf <VirtualHost *:80> # The ServerName directive sets the request scheme, hostname and port that #ServerName www.example.com ServerName www.mydomain.com ServerAdmin contact@xxxxxxxxxxxx DocumentRoot /var/www/html <Directory "/var/www/html"> AllowOverride All Options +ExecCGI Require all granted </Directory> # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, #LogLevel info ssl:warn ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined # For most configuration files from conf-available/, which are #Include conf-available/serve-cgi-bin.conf </VirtualHost> <VirtualHost *:80> ServerName mydomain.com DocumentRoot /var/www/html Redirect / http://www.mydomain.com/ </VirtualHost> # vim: syntax=apache ts=4 sw=4 sts=4 sr noet root@hostname:~# root@hostname:~# cat /etc/apache2/sites-available/default-ssl.conf <IfModule mod_ssl.c> <VirtualHost _default_:443> ServerAdmin contact@xxxxxxxxxxxx ServerName www.mydomain.com DocumentRoot /var/www/html # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, #LogLevel info ssl:warn ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined # For most configuration files from conf-available/, which are #Include conf-available/serve-cgi-bin.conf # SSL Engine Switch: # Enable/Disable SSL for this virtual host. SSLEngine on # A self-signed (snakeoil) certificate can be created by installing # SSLCertificateFile directive is needed. SSLCertificateFile /etc/ssl/CA/certs/www.mydomain.com/server.crt SSLCertificateKeyFile /etc/ssl/CA/certs/www.mydomain.com/server.key # Server Certificate Chain: #SSLCertificateChainFile /etc/apache2/ssl.crt/server-ca.crt # Certificate Authority (CA): #SSLCACertificateFile /etc/apache2/ssl.crt/ca-bundle.crt # Certificate Revocation Lists (CRL): #SSLCARevocationFile /etc/apache2/ssl.crl/ca-bundle.crl # Client Authentication (Type): #SSLVerifyDepth 10 # SSL Engine Options: # Translate the client X.509 into a Basic Authorisation. This means that #SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory /usr/lib/cgi-bin> SSLOptions +StdEnvVars </Directory> # SSL Protocol Adjustments: # "force-response-1.0" for this. BrowserMatch "MSIE [2-6]" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 # MSIE 7 and newer should be able to use keepalive BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown </VirtualHost> <VirtualHost _default_:443> ServerName mydomain.com DocumentRoot /var/www/html SSLEngine on SSLCertificateFile /etc/ssl/CA/certs/www.mydomain.com/server.crt SSLCertificateKeyFile /etc/ssl/CA/certs/www.mydomain.com/server.key Redirect / https://www.mydomain.com/ </VirtualHost> </IfModule> # vim: syntax=apache ts=4 sw=4 sts=4 sr noet root@hostname:~# Yusui --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx