Solved

.htaccess redirect for ssl

Posted on 2009-07-06
12
607 Views
Last Modified: 2012-05-07
I have a client who has her certificate at http://domainname.com.

There is already some .htaccess code that will redirect if someone comes in via http://www.... and redirect it to the non www version.

However, this does not work for someone who pre-types in httpS://www.domainname.com   This throws a "certificate invalid" error.

Anyone know how to fix this?   I've been banging my head against it all day.
Options +FollowSymLinks 
RewriteEngine on 
RewriteCond %{HTTP_HOST} ^www.mydomain.com
RewriteRule (.*)$ http://mydomain.com/$1 [L,R=301]

Open in new window

0
Comment
Question by:expert-marglar
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
  • 2
  • +1
12 Comments
 

Expert Comment

by:tang199
ID: 24790734
I just had the do the same thing, and used this:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
0
 
LVL 4

Expert Comment

by:nasserd
ID: 24790798
What "tang199" said =)
0
 

Author Comment

by:expert-marglar
ID: 24790821
Thanks Tang199.

So, this will prevent the site from allowing a https://www.mydomain.com/xxxx  from being loaded and will instead redirect to https://mydomain.com/xxx?


0
Don't Miss ATEN at InfoComm 2017!

Visit booth #2167 to see the  new ATEN VM3200 32 x 32 Modular Matrix Switch. Other highlights include the VE8950 4K HDMI Over IP Extender, VS1912 12-Port DP Video Wall Media Player  and VK2100 ATEN Control System. Register now with Free Pass Code ATEN288!

 

Author Comment

by:expert-marglar
ID: 24790855
Ok, I tried it but it doesn't do what I need.   What it does is force an http connection over to an https..  not quite what I was looking for.

If I type in a www. before the domain name, I still get the invalid certificate error which is what I'm trying to get rid of.
0
 

Expert Comment

by:tang199
ID: 24790862
Expert-Marglar -  this will do is check if the url is using SSL, if not it will simply redirect it to the same url using SSL. Apparently I misunderstood your questions, I apologize. I will look into it a bit further and get back to you ASAP.
0
 

Expert Comment

by:tang199
ID: 24790933
Expert-Marglar - Try this, this should do the trick: obviously change the 'thedomain.com' to the domain you are referring to.

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

RewriteCond %{HTTPS} =on
REwriteCond %{HTTP_HOST} =www.thedomain.com
RewriteRule ^(.*) https://thedomain.com/%{REQUEST_URI}
0
 

Expert Comment

by:tang199
ID: 24790953
that one works, but gives you an extra // - try this:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

RewriteCond %{HTTPS} =on
REwriteCond %{HTTP_HOST} =www.thedomain.com
RewriteRule ^(.*) https://thedomain.com%{REQUEST_URI}
0
 

Author Comment

by:expert-marglar
ID: 24791101
hmmm.   Thanks a million for all of this help, however it still isn't working for me.

If I go to the domain name without www in it, its fine.  It all goes to https.  That is great.

If I put the domain name in with www in it, I get the invalid certificate error.

any ideas?
0
 
LVL 27

Accepted Solution

by:
caterham_www earned 500 total points
ID: 24792267
> If I put the domain name in with www in it, I get the invalid certificate error.

You can't change that; impossible; unless your certificate does match the www subdomain, too (some sort of a wildcard certificate). The certificate exchange happens prior the "normal" HTTP request is being send by the browser to the server. That's when your browser issues the domain name mismatch warning. It's impossible to reply with a HTTP response (here: redirect) prior the certificate exchange.
0
 

Author Comment

by:expert-marglar
ID: 24795295
Darn!  I was afraid that this was going to be the answer.

Is it possible to have multiple certificates?

Or, can I set up www. to be a separate sub-domain and then forward it to the non www?
0
 

Expert Comment

by:tang199
ID: 24795366
You should just get a wildcard cert
0
 
LVL 27

Expert Comment

by:caterham_www
ID: 24795712
> Is it possible to have multiple certificates?

Only one per IP. Hence either you have two IPs (and two certificates and a DNS routing non-www -> IP A, www IP -> B) or a wildcard certificate. That is a protocol limitation.

> Or, can I set up www. to be a separate sub-domain and then forward it to the non www?

That's what your rule in your 1st posting does. If you create a different virtualhost (but the same IP) or a ServerAlias and a RewriteRule within one vhost doesn't matter.
0

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hi, in this article I'm going to teach you how to run your own site, and how to let people in (without IP). I'll talk about and explain each step... :) By the way, everything in this Tutorial is completely free and legal. This article is for …
If your site has a few sections that need to be secure when data is transmitted between the server and local computer, such as a /order/ section for ordering or /customer/ which contains customer data, etc it would of course be recommended to secure…
In this video, viewers are given an introduction to using the Windows 10 Snipping Tool, how to quickly locate it when it's needed and also how make it always available with a single click of a mouse button, by pinning it to the Desktop Task Bar. Int…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question