Link to home
Start Free TrialLog in
Avatar of Steve Tinsley
Steve TinsleyFlag for United Kingdom of Great Britain and Northern Ireland

asked on

apache redirect https to http

I have a new Ubuntu web server running with Apache.
I have setup 1 website using the default conf file.

I want to make sure that if anyone visits the domian using httpS that it redirects to http.

I don't have any SSL certificates and am not planning on using any.

can someone advise how to do this?

thanks

Steve
Avatar of Jim Riddles
Jim Riddles
Flag of United States of America image

You can add a definition for the SSL version of your site in your config and use a redirect like the following:
<VirtualHost *:443>
  Redirect permanent / http://www.yoursite.com
</VirtualHost>

Open in new window

I actually do the opposite of this for my sites, by redirecting all of the traffic for the non-SSL site to the https version.
You can not do that.  HTTPS requires the secure connection be made before you can do anything else.  And if you don't have a certificate to support HTTPS, then the connection will never be made and it will fail.
Ah, thanks...I had never tried it in reverse.
Avatar of Steve Tinsley

ASKER

the server is running in a closed environment so there is no need for an ssl.

if I want to redirect from https to http is there a simple solution?? perhaps a selfsigned ssl??

any thoughts?
What is the likelyhood of clients trying to connect with HTTPS?  If it is low or none, I wouldn't bother to get or create a certificate just for a redirect.
unfortunately everyone will.
I have 100 iPads all with bookmarked URL that point to https. but this time the server is local so it currently doesn't have an ssl.
If the server has access to the internet, you can use a free SSL certificate from Let's Encrypt.  See their site for details.
Let's Encrypt
yes I thought that.
yes it can have access to the web... but not always.

would it work if, once the SSL was added, there was no internet.

obviously I would need to connect to renew every 3months or so??
Oops Jim, I didn't mean to hit the endorse button.
Steve,

Yes, it will continue to work if you lose internet access intermittently.  Yes, you would need to renew the cert every three months, as well.
Basically I have a server in the cloud and a local server.

The cloud server I have setup an ssl with lets encrypt, and this works fine.
The local server I want access-able with the same domain/url as the cloud server, but only when on my local lan otherwise the cloud server will pick it up (I can do this with my internal dns).

Currently If I try and setup a lets encrypt for the local server is doesn't let me because the domain resolves with the cloud server.
I could do a self sign for my local server, but then the user will get an 'Insecure Message'

Am I able to get the same lets encrypt ssl on the internal server as well?? How do I go about doing this??

I could temporally direct the domain to my local server (when it is connected to the web). And then once setup point back?
I suppose I could copy the ssl from the cloud server to the internal? Is this very complex, or is it just one file? Would this work??

Thoughts?

Steve
ASKER CERTIFIED SOLUTION
Avatar of Prabhin MP
Prabhin MP
Flag of India image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Prabhin MP's solution is the best solution for this question.