Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

SSL certificate with VeriSign does not work for non-www link, how to redirect the non-www url to www.sitename.com

Posted on 2007-10-18
7
Medium Priority
?
921 Views
Last Modified: 2008-01-09
Hello,

Our website is hosted on windows server 2003 by a hosting provider offsite. We have a SSL certificate purcahsed from VeriSign for www.sitename.com, but when a client types in http://sitename.com the SSL certificate error is encountered as the site is not registered under http://sitename.com.

What can be the possible solution to make the SSL certificate work for http://sitename.com as per my knowledge it would be either to redirect the http://sitename.com to www.sitename.com. If this is true then can someone guide me on what we have to do to accomplish this. We have asked our hosting provider and they have no clue on what to do.

The next thing would be to buy a new certificate for http://sitename.com but is there any other solution that can make it work without spending all the extra bucks.

Thanks in advance
Swapna
0
Comment
Question by:Visanow
  • 4
  • 2
7 Comments
 
LVL 37

Expert Comment

by:meverest
ID: 20105003
if your certificate matches www.sitename.com and you want to be able to access https://sitename.com then you have no choice than to buy a new certificate.  No manner of redirection, forwarding or site wrapping will give you the same (or even remotely similar) result.

you can get a lot cheaper than verisign (if the $$ are the problem) - just search for "cheap ssl certificate" in your favorite search engine.

Cheers.



0
 

Author Comment

by:Visanow
ID: 20105113
I see that many sites like amazon,google n many others when typed http://yahoo.com they automatically redirect to www.yahoo.com, isnt there any a way to do that?
0
 
LVL 37

Expert Comment

by:meverest
ID: 20105386
sure there is.  BUT you need a certificate to cover every domain - either many specific certificates, or a suitable wildcard cert.

Cheers.
0
Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

 
LVL 27

Accepted Solution

by:
mrcoffee365 earned 1500 total points
ID: 20106944
Normally people redirect from the http://domain.com to https://www.domain.com .  That way you only need one certificate for the www.domain.com .

There are a couple of ways to handle it in IIS.  One is to put a Javascript redirect in all of your header pages.

Another is to set up an IIS site listening for http://domain.com and redirect it to your site https://www.domain.com .

Another is to set up your IIS www.domain.com to only allow https.  Then put in a custom error for 403 to redirect the user to https://www.domain.com .

These links have discussions of these various solutions:
http://support.microsoft.com/kb/839357
http://www.experts-exchange.com/Networking/Misc/Q_21256905.html
http://weblogs.asp.net/pwilson/archive/2004/12/23/331455.aspx
The following page is a good discussion of options, but the main server wasn't answering, so this is the Google cached page:
http://64.233.169.104/search?q=cache:_tJvfeonTtwJ:blog.opsan.com/archive/2005/04/17/395.aspx+iis+http+redirect+to+https&hl=en&gl=us&strip=1
This is the real link for it:
http://blog.opsan.com/archive/2005/04/17/395.aspx
0
 
LVL 37

Expert Comment

by:meverest
ID: 20107262
>> Normally people redirect from the http://domain.com to https://www.domain.com .  That way you only need one certificate for the www.domain.com

that is still no help in this case - you will STILL need two certificates, else one (or the other) will pop a 'security warning'

Cheers.
0
 
LVL 27

Expert Comment

by:mrcoffee365
ID: 20110242
meverest -- yes, you have been right all along, if Visanow wishes to have
https://domain.com 
serve with a certificate, then he would need to get a certificate for that domain.

However, most people who run Web servers with SSL only get 1 certificate for the main domain, say www.domain.com, and redirect with various mechanisms when users need to go to the secure connection.

My concern is that you made it sound as if Visanow was required to get another certificate, when in fact that is rarely the case.
0
 
LVL 37

Expert Comment

by:meverest
ID: 20112996
>> My concern is that you made it sound as if Visanow was required to get another certificate, when in fact that is rarely the case.

I don't understand you point.  The facts are plain.  He *has* a certificate for www.domain.com.  He *wants* to be able to use https://domain.com

Solution: He needs a cert for domain.com

The questions:

1.  What can be the possible solution to make the SSL certificate work for http://sitename.com

answer, get a new cert.

2.  but is there any other solution that can make it work without spending all the extra bucks

answer, no.  but if extra bucks are the problem, choose someone other than verisign.

Cheers.

0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Preparing an email is something we should all take special care with – especially when the email is for somebody you may not know very well. The pressures of everyday working life stacked with a hectic office environment can make this a real challen…
When it comes to security, close monitoring is a must. According to WhiteHat Security annual report, a substantial number of all web applications are vulnerable always. Monitis offers a new product - fully-featured Website security monitoring and pr…
Integration Management Part 2
Screencast - Getting to Know the Pipeline

581 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question