Re: Question about SSL and Apache and a certificate error

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Justin Pasher wrote:
Actually, ignore everything I just said. All this time I thought that was what apache was doing, but it's actually occurring after the mismatched server name warning is presented. The rewrite rule will still catch the request and redirect them to https://www.csulb.edu, but not until after the warning has already been issued. 


Heh, no worries ;)
However, I think you might be able to help me solve a few of the problem cases. Here's what's going on. I have a message forum running at http://www.csulb.edu/itforums. When you hit the site there is an .htaccess directive that automatically redirects you to to the SSL version of the site: 

RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
This works great, except when someone types csulb.edu/itforums in their browser. They then get redirected to https://csulb.edu/itforums and receive a certificate error. I can't really fix the case of someone typing https://csulb.edu/itforums (which will probably be rare), I can still take care of the other cases: having both http://www.csulb.edu/itforums and http://csulb.edu/itforums forward to https://www.csulb.edu/itforums. I tried to do this but my rewrite statements don't seem to work right: 

RewriteEngine on
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} !www
RewriteRule (.*) https://www.%{HTTP_HOST}%{REQUEST_URI}

RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} www
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

Here are some test pages where I've applied the above directives:
http://csulb.edu/projects/itforums/dev/ -> https://www.csulb.edu/projects/itforums/dev/ 
The above correctly updated the URL and is running SSL
http://www.csulb.edu/projects/itforums/dev/ -> http://www.csulb.edu/projects/itforums/dev/ 
The above doesn't work correctly as it doesn't go SSL

Notice the second case doesn't forward to https.  Any idea why?

Thanks!
Mike

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux