We help IT Professionals succeed at work.

Catch SSL cert request error so as to redirect to the correct site

kw66722
kw66722 asked
on
using ASP.Net, When users make secure page requests using

https://somesite.com/securePage.aspx
 
the user gets an error:

--------------------------------------------------------------------------------

Error code: ssl error bad cert domain
 
--------------------------------------------------------------------------------
The certificate was issued to www.somesite.com and indicates that somesite.com uses an invalid security certificate.

I was hoping to be able to catch the request in the Application BeginRequest event but the SSL error occurs before this. In order to invoke the Application BeginRequest event the user needs to click through the certificate error message. Is it possible to redirect in code so the error will not be received?
Comment
Watch Question

Top Expert 2004

Commented:
As far as I know, that is a client-side condition, and it is not exposed to the server.

Commented:
My understanding is that the redirect would not be sent until after the HTTPS connection is made, and the SSL certificate is in play:

http://blog.expressionsoftware.com/2011/02/https-sequence-diagram.html

Author

Commented:
is there a way to do it on the certificate then?
Top Expert 2004
Commented:
What is invalid about the current certificate?  Many modern CAs issue certificates that match both www.domain.com and domain.com.  Perhaps purchasing the certificate from a different CA will resolve the issue.

In any case, that is the basics of the solution here - fix whatever is wrong with the certificate.  You will not be able to intercept how the client reacts to the certificate during the handshake process.