[users@httpd] URI / SSL help please

[Ryan Huff <Ry...@knl.cc>]

Okay I have SSL up and working just fine on Apache 2.2.4.
 
    I have my Cert for 'mydomain.com' however when people access
'www.mydomain.com' the browser says that the CA didn't issue the
certificate for the domain that the browser is accessing.  Obviously
this is due to the 'www.'.
 
    Now, I need to know how to fix that?  How do I truncate 'www.' out
of the URI before Apache processes the request?  Or maybe its a
redirect?  Please help ... I am going NUTS!
 
P.S
I have a mod_rewrite condition that will kick all :80 over to :443 (so
if you access the site using http:// it automatically goes to https://)
 
 
-Thanks,
 
Ryan

Re: [users@httpd] URI / SSL help please

[Joshua Slive <jo...@slive.ca>]

On 5/7/07, Ryan Huff <Ry...@knl.cc> wrote:
> I have this in my conf:
>
> RewriteEngine On
> RewriteCond %{HTTPS} off
> RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
>
> Now that code chunk kicks all :80 traffic to https (:443) .... I need a
> rule that will also kick http://www. Over to https://
>
> If someone access the site by http://www.whatever.com, I want it to goto
> https://%{HTTP_HOST}%{REQUEST_URI}

If you only have one site, this is easy:
RewriteCond %{HTTPS} off
RewriteRule ^/(.*) https://example.com/$1

If you want to be fancy and handle all domain names the same way:
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^(www\.)?(.*) [NC]
RewriteRule ^/(.*) https://%2/$1

(I'm assuming you're doing this in httpd.conf. To do it in an
.htaccess would require a small adjustment.)

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

RE: [users@httpd] URI / SSL help please

[Ryan Huff <Ry...@knl.cc>]

I have this in my conf:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

Now that code chunk kicks all :80 traffic to https (:443) .... I need a
rule that will also kick http://www. Over to https://

If someone access the site by http://www.whatever.com, I want it to goto
https://%{HTTP_HOST}%{REQUEST_URI}

-----Original Message-----
From: jslive@gmail.com [mailto:jslive@gmail.com] On Behalf Of Joshua
Slive
Sent: Monday, May 07, 2007 3:36 PM
To: users@httpd.apache.org
Subject: Re: [users@httpd] URI / SSL help please

On 5/7/07, Ryan Huff <Ry...@knl.cc> wrote:
>
>
> Okay I have SSL up and working just fine on Apache 2.2.4.
>
>     I have my Cert for 'mydomain.com' however when people access 
> 'www.mydomain.com' the browser says that the CA didn't issue the 
> certificate for the domain that the browser is accessing.  Obviously 
> this is due to the 'www.'.
>
>     Now, I need to know how to fix that?  How do I truncate 'www.' out

> of the URI before Apache processes the request?  Or maybe its a
redirect?
> Please help ... I am going NUTS!
>
> P.S
> I have a mod_rewrite condition that will kick all :80 over to :443 (so

> if you access the site using http:// it automatically goes to 
> https://)

If people are requesting directly (or linking to)
https://www.mydomain.com/, then you are screwed. In order to redirect,
you first need the request to go through the SSL negotiation, so they
will get the warning message.

If people are requesting http://www.mydomain.com/, then you should
simply change your rewrite rules to send them over to
https://mydomain.com/. If you need help with that, you'd need to provide
more details about what you are doing.

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server
Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org




---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] URI / SSL help please

[Joshua Slive <jo...@slive.ca>]

On 5/7/07, Ryan Huff <Ry...@knl.cc> wrote:
>
>
> Okay I have SSL up and working just fine on Apache 2.2.4.
>
>     I have my Cert for 'mydomain.com' however when people access
> 'www.mydomain.com' the browser says that the CA didn't issue the certificate
> for the domain that the browser is accessing.  Obviously this is due to the
> 'www.'.
>
>     Now, I need to know how to fix that?  How do I truncate 'www.' out of
> the URI before Apache processes the request?  Or maybe its a redirect?
> Please help ... I am going NUTS!
>
> P.S
> I have a mod_rewrite condition that will kick all :80 over to :443 (so if
> you access the site using http:// it automatically goes to https://)

If people are requesting directly (or linking to)
https://www.mydomain.com/, then you are screwed. In order to redirect,
you first need the request to go through the SSL negotiation, so they
will get the warning message.

If people are requesting http://www.mydomain.com/, then you should
simply change your rewrite rules to send them over to
https://mydomain.com/. If you need help with that, you'd need to
provide more details about what you are doing.

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org