mcnute
asked on
apache mod_rewrite causes form to be a 302 redirect on SSL based Website
Hello Experts,
I have a website which is using SSL to encrypt all the browsing. For a reason I had to redirect all non SSL requests to the SSL requests. This is where the apache causes a 302 status code, which is not liked by Internet Explorer users with high security options. Likely to happen in corporations with firewalls and filters on their internet connections.
So what happens IE complains about being redirected to a page which is not registered with that domain, which is not true, our comodo SSL certificate covers www. non www. http and https obviously. What I think happens is, that the form is sent to the http://action-url.com/action-page.php and is then complaining that apache httpd is redirecting to the https: version of that action-page.php.
So I have a really simple form, which is post and have a action url. And then IE would output something like that:
What is the worst of that thing I cannot reproduce the error on my Internet Explorer 9 in my office. So I'm fishing in turbid water.
If any mod_rewrite SSL Guru is under you. I'm well thankful of any hint, which could lead to a solution.
I have a website which is using SSL to encrypt all the browsing. For a reason I had to redirect all non SSL requests to the SSL requests. This is where the apache causes a 302 status code, which is not liked by Internet Explorer users with high security options. Likely to happen in corporations with firewalls and filters on their internet connections.
So what happens IE complains about being redirected to a page which is not registered with that domain, which is not true, our comodo SSL certificate covers www. non www. http and https obviously. What I think happens is, that the form is sent to the http://action-url.com/action-page.php and is then complaining that apache httpd is redirecting to the https: version of that action-page.php.
So I have a really simple form, which is post and have a action url. And then IE would output something like that:
The security certificate presented by this website was issued for a different website address.
Security certificate problems may indicate an attempt to fool you or intercept data you send to the server.
It is recommended that you close this webpage and do not go to this website.
What is the worst of that thing I cannot reproduce the error on my Internet Explorer 9 in my office. So I'm fishing in turbid water.
If any mod_rewrite SSL Guru is under you. I'm well thankful of any hint, which could lead to a solution.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
This issue is might somewhat more complicated but due to information descretion I cannot post an url and my apache configurations here.
I will therefore close this questions but will assign both of you half of the points, because of useful information you provided.
Thanks,
mcnute