Joshua Slive wrote:
That is what I was afraid of. Unfortunately, I cannot get a certificate for the other hostnames because I want to be able to redirect for any HTTPS site until the user logs in. Thanks for the help.On 5/23/07, Nathaniel Hall <lists@xxxxxxxxxxxxxxxxxxx> wrote:RewriteEngine On RewriteCond %{HTTP_HOST} !^auth\.server\.com$ RewriteRule (.*) https://auth.server.com/index.php [R=301,L]You're always going to get the cert error here, because ssl negotiation (including certificate verification) happens before any HTTP request headers are sent to apache. Further, apache can't know what hostname is being requested until it reads the Host from the HTTP request headers. So by the time it knows to redirect, the ssl negotiation and certificate error are long gone. (This is the same reason you can't do name-based virtual hosting with ssl.) So you either need to fix your links to point to auth.server.com or acquire a cert for the other hostnames. Joshua.
-- Nathaniel Hall, GSEC GCFW GCIA GCIH GCFA Spider Security --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|