Re: apache redirection

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On 05/19/2010 04:08 PM, Ski Dawg wrote:
> The problem I am running into is if they go to https://domainname.com
> (straight to the secure site), I am not able to find a solution that
> will redirect them to https://www.domainname.com, so that the ssl
> certificate matches and they won't get the "This connection is
> untrusted" warning.
> 
> Is there something obvious that I am missing? Is there a better way to
> ensure that everyone will always end up with the www in the url, so
> the certificate always matches?

The problem you are running into is that SSL sessions are negotiated
prior to the browser sending the virtual host name, so there is no
opportunity to redirect the client to the www URL before it's too late.
 Aside from purchasing a second SSL certificate for the plain domain
name or getting a wildcard certificate to cover both, I would just make
sure the links on your web site to the secure version of the domain
specify the www in the URL.

-Zack
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux