[users@httpd] Redirect issues for SSL sites

[Ryan Klein <ry...@onyourmark.com>]

I am having an issue redirecting a domain, twice? The general layout is 
I have www.domain.com and domain.com redirect to https://domain.com, the 
problem I am having is how to have https://www.domain.com redirect to 
https://domain.com without giving a certificate error saying the 
certificate is for domain.com and _not_ www.domain.com? Thank you for 
any help on this.

-- 
Regards,

Ryan Klein


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] Redirect issues for SSL sites

[Karel Kubat <ka...@e-tunity.com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Ryan,

> On Dec 18, 2007 11:50 AM, Ryan Klein <ry...@onyourmark.com> wrote:
>> I am having an issue redirecting a domain, twice? The general  
>> layout is
>> I have www.domain.com and domain.com redirect to https:// 
>> domain.com, the
>> problem I am having is how to have https://www.domain.com redirect to
>> https://domain.com without giving a certificate error saying the
>> certificate is for domain.com and _not_ www.domain.com? Thank you for
>> any help on this.

You might want to try to get a certificate for "*.domain.com" (a  
wildcard certificate). Most browsers will accept that as a wildcard  
format, and won't nag in the switch. I am not sure though that  
"*.domain.com" matches "domain.com" (ie., I'm not sure that the  
wildcard matches 'nothing'). You might want to Google this, or simply  
try it out with a self-signed certificate.

I use this wildcard certificate approach succesfully for  
www.mydomain.com, static.mydomain.com, images.mydomain.com etc.

Hope this helps,
    --
    Karel Kubat / M +31 6 2956 4861 (+31 6 AWK 6 HUM 1)
    From the Oneliners Collection:
    Why buy shampoo when real poo is still free?

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (Darwin)

iD8DBQFHaOE+23FrzRzybNURAn5jAJ99baYKo0ws0nafltGc6GMXfiSEeACgq0Am
cPyhP/8lJU6lMG/j+cOCchQ=
=5jde
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] Redirect issues for SSL sites

[Joshua Slive <jo...@slive.ca>]

On Dec 18, 2007 11:50 AM, Ryan Klein <ry...@onyourmark.com> wrote:
> I am having an issue redirecting a domain, twice? The general layout is
> I have www.domain.com and domain.com redirect to https://domain.com, the
> problem I am having is how to have https://www.domain.com redirect to
> https://domain.com without giving a certificate error saying the
> certificate is for domain.com and _not_ www.domain.com? Thank you for
> any help on this.

To do this you'll need a valid SSL certificate for www.domain.com. The
redirect is sent only after the SSL connection is negotiated (because
the redirect itself could potentially be sensitive information, and
because the SSL negotiation happens at a higher network level than the
HTTP headers that carry the redirect). So if you can't negotiate a
valid SSL connection, you can't send a redirect.

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org