Solved

.htaccess redirect for ssl

Posted on 2009-07-06
12
601 Views
Last Modified: 2012-05-07
I have a client who has her certificate at http://domainname.com.

There is already some .htaccess code that will redirect if someone comes in via http://www.... and redirect it to the non www version.

However, this does not work for someone who pre-types in httpS://www.domainname.com   This throws a "certificate invalid" error.

Anyone know how to fix this?   I've been banging my head against it all day.
Options +FollowSymLinks 

RewriteEngine on 

RewriteCond %{HTTP_HOST} ^www.mydomain.com

RewriteRule (.*)$ http://mydomain.com/$1 [L,R=301]

Open in new window

0
Comment
Question by:expert-marglar
  • 5
  • 4
  • 2
  • +1
12 Comments
 

Expert Comment

by:tang199
ID: 24790734
I just had the do the same thing, and used this:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
0
 
LVL 4

Expert Comment

by:nasserd
ID: 24790798
What "tang199" said =)
0
 

Author Comment

by:expert-marglar
ID: 24790821
Thanks Tang199.

So, this will prevent the site from allowing a https://www.mydomain.com/xxxx  from being loaded and will instead redirect to https://mydomain.com/xxx?


0
 

Author Comment

by:expert-marglar
ID: 24790855
Ok, I tried it but it doesn't do what I need.   What it does is force an http connection over to an https..  not quite what I was looking for.

If I type in a www. before the domain name, I still get the invalid certificate error which is what I'm trying to get rid of.
0
 

Expert Comment

by:tang199
ID: 24790862
Expert-Marglar -  this will do is check if the url is using SSL, if not it will simply redirect it to the same url using SSL. Apparently I misunderstood your questions, I apologize. I will look into it a bit further and get back to you ASAP.
0
 

Expert Comment

by:tang199
ID: 24790933
Expert-Marglar - Try this, this should do the trick: obviously change the 'thedomain.com' to the domain you are referring to.

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

RewriteCond %{HTTPS} =on
REwriteCond %{HTTP_HOST} =www.thedomain.com
RewriteRule ^(.*) https://thedomain.com/%{REQUEST_URI}
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 

Expert Comment

by:tang199
ID: 24790953
that one works, but gives you an extra // - try this:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

RewriteCond %{HTTPS} =on
REwriteCond %{HTTP_HOST} =www.thedomain.com
RewriteRule ^(.*) https://thedomain.com%{REQUEST_URI}
0
 

Author Comment

by:expert-marglar
ID: 24791101
hmmm.   Thanks a million for all of this help, however it still isn't working for me.

If I go to the domain name without www in it, its fine.  It all goes to https.  That is great.

If I put the domain name in with www in it, I get the invalid certificate error.

any ideas?
0
 
LVL 27

Accepted Solution

by:
caterham_www earned 500 total points
ID: 24792267
> If I put the domain name in with www in it, I get the invalid certificate error.

You can't change that; impossible; unless your certificate does match the www subdomain, too (some sort of a wildcard certificate). The certificate exchange happens prior the "normal" HTTP request is being send by the browser to the server. That's when your browser issues the domain name mismatch warning. It's impossible to reply with a HTTP response (here: redirect) prior the certificate exchange.
0
 

Author Comment

by:expert-marglar
ID: 24795295
Darn!  I was afraid that this was going to be the answer.

Is it possible to have multiple certificates?

Or, can I set up www. to be a separate sub-domain and then forward it to the non www?
0
 

Expert Comment

by:tang199
ID: 24795366
You should just get a wildcard cert
0
 
LVL 27

Expert Comment

by:caterham_www
ID: 24795712
> Is it possible to have multiple certificates?

Only one per IP. Hence either you have two IPs (and two certificates and a DNS routing non-www -> IP A, www IP -> B) or a wildcard certificate. That is a protocol limitation.

> Or, can I set up www. to be a separate sub-domain and then forward it to the non www?

That's what your rule in your 1st posting does. If you create a different virtualhost (but the same IP) or a ServerAlias and a RewriteRule within one vhost doesn't matter.
0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Over the last year I have answered a couple of basic URL rewriting questions several times so I thought I might as well have a stab at: explaining the basics, providing a few useful links and consolidating some of the most common queries into a sing…
It is possible to boost certain documents at query time in Solr. Query time boosting can be a powerful resource for finding the most relevant and "best" content. Of course the more information you index, the more fields you will be able to use for y…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
Delivering innovative fully-managed cloud services for mission-critical applications requires expertise in multiple areas plus vision and commitment. Meet a few of the people behind the quality services of Concerto.

947 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now