> On 15 November 2010 17:17, Matus UHLAR - fantomas <uhlar@xxxxxxxxxxx> wrote: > > > Redirect / https://www.site.co.za > > > > in the VirtualHost section for site.co.za (yes, you need separate virtual > > host) > > > > I hope you have SSL certificate for www.site.co.za with alternative name > > site.co.za, otherwise browsers will report a mismatch. On 15.11.10 19:37, Rudi Kramer wrote: > I think I see the problem here. I have two virtual host files, one for > non-ssl and one for ssl. > > <VirtualHost *:80> > ServerName www.site.co.za > ServerAlias site.co.za > > RedirectMatch ^ https://www.site.co.za/ put here simply: Redirect / https://www.site.co.za/ > </VirtualHost> > <VirtualHost *:443> > ServerName www.site.co.za > ServerAlias site.co.za > > RedirectMatch ^http\://site\.co\.za https://www.site.co.za/ This will never match, Redirect only sees local path, no http/https. Yes, the destination may contain http/https. > SSLEngine on > SSLOptions +StrictRequire > SSLCertificateFile /etc/apache2/ssl/site.co.za/server.crt > SSLCertificateKeyFile /etc/apache2/ssl/site.co.za/server.key > > </VirtualHost> > As far as I can tell the ssl encryption means that Apache can't do the > redirect Apache _can_ do the redirect. But you don't read documentation and apparently neither our recommendations. > and the cliet only has a valid cert for the > https://www.site.co.zaand not > https://site.co.za which is why I was trying to get the redirect working.. The redirection has nothing to do with the certificate. Actually, the server doesn't care about certificates... However, you must either have _two_ virtual hosts and redirect requests from one to another, or have third-party apache module that redirects request to the servername if an alias is specified. I know of mod_comon_redirect (available in gentoo linux) and mod_redirtoservname (debian) Unfortunately, mod_common_redirect doesn't seem to work within SSL virtual host. -- Matus UHLAR - fantomas, uhlar@xxxxxxxxxxx ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Linux IS user friendly, it's just selective who its friends are... --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx