Solved

.htaccess redirect for ssl

Posted on 2009-07-06
12
603 Views
Last Modified: 2012-05-07
I have a client who has her certificate at http://domainname.com.

There is already some .htaccess code that will redirect if someone comes in via http://www.... and redirect it to the non www version.

However, this does not work for someone who pre-types in httpS://www.domainname.com   This throws a "certificate invalid" error.

Anyone know how to fix this?   I've been banging my head against it all day.
Options +FollowSymLinks 
RewriteEngine on 
RewriteCond %{HTTP_HOST} ^www.mydomain.com
RewriteRule (.*)$ http://mydomain.com/$1 [L,R=301]

Open in new window

0
Comment
Question by:expert-marglar
  • 5
  • 4
  • 2
  • +1
12 Comments
 

Expert Comment

by:tang199
ID: 24790734
I just had the do the same thing, and used this:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
0
 
LVL 4

Expert Comment

by:nasserd
ID: 24790798
What "tang199" said =)
0
 

Author Comment

by:expert-marglar
ID: 24790821
Thanks Tang199.

So, this will prevent the site from allowing a https://www.mydomain.com/xxxx  from being loaded and will instead redirect to https://mydomain.com/xxx?


0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:expert-marglar
ID: 24790855
Ok, I tried it but it doesn't do what I need.   What it does is force an http connection over to an https..  not quite what I was looking for.

If I type in a www. before the domain name, I still get the invalid certificate error which is what I'm trying to get rid of.
0
 

Expert Comment

by:tang199
ID: 24790862
Expert-Marglar -  this will do is check if the url is using SSL, if not it will simply redirect it to the same url using SSL. Apparently I misunderstood your questions, I apologize. I will look into it a bit further and get back to you ASAP.
0
 

Expert Comment

by:tang199
ID: 24790933
Expert-Marglar - Try this, this should do the trick: obviously change the 'thedomain.com' to the domain you are referring to.

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

RewriteCond %{HTTPS} =on
REwriteCond %{HTTP_HOST} =www.thedomain.com
RewriteRule ^(.*) https://thedomain.com/%{REQUEST_URI}
0
 

Expert Comment

by:tang199
ID: 24790953
that one works, but gives you an extra // - try this:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

RewriteCond %{HTTPS} =on
REwriteCond %{HTTP_HOST} =www.thedomain.com
RewriteRule ^(.*) https://thedomain.com%{REQUEST_URI}
0
 

Author Comment

by:expert-marglar
ID: 24791101
hmmm.   Thanks a million for all of this help, however it still isn't working for me.

If I go to the domain name without www in it, its fine.  It all goes to https.  That is great.

If I put the domain name in with www in it, I get the invalid certificate error.

any ideas?
0
 
LVL 27

Accepted Solution

by:
caterham_www earned 500 total points
ID: 24792267
> If I put the domain name in with www in it, I get the invalid certificate error.

You can't change that; impossible; unless your certificate does match the www subdomain, too (some sort of a wildcard certificate). The certificate exchange happens prior the "normal" HTTP request is being send by the browser to the server. That's when your browser issues the domain name mismatch warning. It's impossible to reply with a HTTP response (here: redirect) prior the certificate exchange.
0
 

Author Comment

by:expert-marglar
ID: 24795295
Darn!  I was afraid that this was going to be the answer.

Is it possible to have multiple certificates?

Or, can I set up www. to be a separate sub-domain and then forward it to the non www?
0
 

Expert Comment

by:tang199
ID: 24795366
You should just get a wildcard cert
0
 
LVL 27

Expert Comment

by:caterham_www
ID: 24795712
> Is it possible to have multiple certificates?

Only one per IP. Hence either you have two IPs (and two certificates and a DNS routing non-www -> IP A, www IP -> B) or a wildcard certificate. That is a protocol limitation.

> Or, can I set up www. to be a separate sub-domain and then forward it to the non www?

That's what your rule in your 1st posting does. If you create a different virtualhost (but the same IP) or a ServerAlias and a RewriteRule within one vhost doesn't matter.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction As you’re probably aware the HTTP protocol offers basic / weak authentication, which in combination with the relevant configuration on your web server, provides the ability to password protect all or part of your host.  If you were not…
If you are running a LAMP infrastructure, this little code snippet is very helpful if you are serving lots of HTML, JavaScript and CSS-related information. The mod_deflate module, which is part of the Apache 2.2 application, provides the DEFLATE…
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question