?
Solved

https canonical to https non-canonical

Posted on 2014-04-04
5
Medium Priority
?
196 Views
Last Modified: 2014-04-07
Hello everyone,
I have a question and hoping someone might have the answer for it.  I have a web server hosting 3 web sites all using SSL.  I have a SAN SSL supporting each of the sites.  The sites are in the Cert as www.mydomain.com, www.mydomain1.com, ect.  
What I am trying to do, is get it if someone types in the canonical address of https://mydomain.com i can redirect it to https://www.mydomain.com.  The reasoning behind this is that when they use the cononical address, they get a certificate error stating the site is not trusted.  
I could get a refund on the cert and get another SAN cert that will allow 10 host names but that would mean defeat and I am not willing to do that yet.  I know it can be done, as I have seen it happen on bank sites, unfortunately I am not sure how this is done.  I have tried many a things to redirect and rewrite with no luck.  
The web server is IIS 7.5.  Any and all help will be greatly appreciated.
Thank you
0
Comment
Question by:Linear-IT
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
5 Comments
 
LVL 83

Accepted Solution

by:
Dave Baldwin earned 2000 total points
ID: 39979051
You can only do a redirect AFTER the connection is made.  That means you have to have a cert for or that includes the domain name that you want to redirect from.
0
 
LVL 53

Expert Comment

by:Scott Fell, EE MVE
ID: 39979369
Or a 301 redirect via web.config

I use alphassl/globalsign https://www.globalsign.com/ssl/domain-ssl/features.html and the cert works both www and naked. (alphassl is the cheap brand same company http://www.alphassl.com )

A wildcard ssl allows any subdomain.

If the redirect does not work, and you know the easy solution is... "I could get a refund on the cert and get another SAN cert...."  Why not just do that?  See if anybody else has a quick fix.
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 39979431
Or a 301 redirect via web.config
Nope.  You can not redirect from HTTPS to HTTP without a cert for the first domain name.  In HTTPS, the connection is negotiated before Anything else.  No cert, no connection, no redirect.

Wildcards are kind of expensive last time I checked.
0
 

Author Closing Comment

by:Linear-IT
ID: 39983094
After more research I found this to be true.  I was hoping I was going to find another way but alas that is not the case.  Thank you!
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 39983477
You're welcome, glad to help.
0

Featured Post

Cyber Threats to Small Businesses (Part 1)

This past May, Webroot surveyed more than 600 IT decision-makers at medium-sized companies to see how these small businesses perceived new threats facing their organizations.  Read what Webroot CISO, Gary Hayslip, has to say about the survey in part 1 of this 2-part blog series.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

These instructions are based on installing Owncloud on your new raspberry pi connected with a usb HDD. What do you need Part A? A Raspberry Pi, model B. A boot SD card for the Raspberry Pi. A usb HDD An Ethernet cable to connect to the lo…
The task of choosing a web design company to build a website for your business should never be taken in a light manner. Provided the fact that your website will act as a representative to your business and will be responsible for imposing an online …
The purpose of this video is to demonstrate how to set up the WordPress backend so that each page automatically generates a Mailchimp signup form in the sidebar. This will be demonstrated using a Windows 8 PC. Tools Used are Photoshop, Awesome…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…

800 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question