• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 416
  • Last Modified:

ssl redirection is not working- mod_rewrite...........

Hi,

I want to redirect https://xyz.com to https://www.xyz.com, but somehow its not working.
we are using mod_rewrite module with apache.

Could you please direct us how to do it..........


Also its seems to be some ssl header limitation. Could you demonstrate the data flow difference between https and http



Regards.
0
pradeep_bansal
Asked:
pradeep_bansal
  • 7
  • 3
1 Solution
 
mcuk_stormCommented:
An example of how to achieve this would be:

        RewriteEngine on
        RewriteCond %{SSL} !^off$
        RewriteRule ^(.*)$      https://%{HTTP_HOST}$1
0
 
pradeep_bansalAuthor Commented:
Its working fine with http to https......
but its not working with https to https redirection......


I have done everything similar to above reply but didnt yeild anything positive.
0
 
mcuk_stormCommented:
The rewrite rule for the xyz.com to www.xyz.com would be something like this:
RewriteEngine on
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$      https://www.%{HTTP_HOST}$1 [L]

It does work ( i have tested it on a live setup ) but please ensure that these rewrite rules are in the site configuration for the SSL site not the site running on port 80.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
pradeep_bansalAuthor Commented:
Well we are using more than one ports in apache server.


Is there any way from which this rule only confines upto 443 port.(i.e can we use AND loop in RewriteCondition--- (443)&&(!^www\.))



Please suggest..........
0
 
mcuk_stormCommented:
You can add another RewriteCond so
RewriteEngine on
RewriteCond %{HTTPS} !^off$
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$      https://www.%{HTTP_HOST}$1 [L]

This will redirect to the www. version if they are using https and aren't going to the www. version.

I think i may have just worked out what you are trying to achieve, if your certificate isn't valid for the non www. version they will still get the warning message and have to accept it before this redirect will work to direct the to the domain for which the cert if valid.
0
 
pradeep_bansalAuthor Commented:
This is also giving me same result:        NO REDIRECTION


It works fine for url with http but not with https.................
0
 
pradeep_bansalAuthor Commented:
When the https header request flows then firstly it forward to CA url............ so if CA find exact url then simply throws error of bad certificate...................so rewrite process which should be taken place after ssl authentication remain unhit..........
0
 
pradeep_bansalAuthor Commented:
And after accepting "This Connection is Untrusted" message, the redirection rule is working perfectly.



But I require this before all that.........................
0
 
pradeep_bansalAuthor Commented:
Just clearing my post:


we have bought certificate for https://www.xyz.com and not for https://xyz.com.


So, we want https://xyz.com request to redirect  on https://www.xyz.com..............
but on hitting https://xyz.com, apache takes us to the message(ssl untrusted). which we want to bypass..
0
 
samriCommented:
Hi pradeep,

I am not sure if this is possible at all.  Apologies for my naiveness.

If we were to look at the situation, client type in https://xyz.com/ and hit your apache, then during ssl handshake, the Browser (and not Apache) that is complaining about the certificate name mistmatch.  Note that the certificate common name is www.xyz.com, but the request is going to xyz.com.

excellent info here:
http://publib.boulder.ibm.com/infocenter/tivihelp/v2r1/index.jsp?topic=/com.ibm.itame2.doc_5.1/ss7aumst18.htm

just my 1 cents.
0
 
pradeep_bansalAuthor Commented:
Yes this can not be acheived as the ssl request firstly goes to CA site.
The only way is to use wild card certificate for whole domain.
0

Featured Post

Vote for the Most Valuable Expert

It’s time to recognize experts that go above and beyond with helpful solutions and engagement on site. Choose from the top experts in the Hall of Fame or on the right rail of your favorite topic page. Look for the blue “Nominate” button on their profile to vote.

  • 7
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now