httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject [users@httpd] redirection, SSL, Internet Explorer
Date Tue, 16 Dec 2003 17:55:14 GMT
I wonder if somebody has faced a similar problem.

I need to redirect all unsecured connections (http) to a private section 
of our intranet to a secure connection (https). I am using 
RedirectPermanent directive to accomplish the redirection. The solution 
works fine with Mozilla Firebird. But It does not work with I.E. version 

Using Mozilla Firebird, everything works fine:
1. user types http://hostname:88/privateArea in the location field
2. Mozilla presents user the certificate.
3. user accepts the certificate.
4. Mozilla prompts user for userid and password.
5. user enters valid userid and password.
6. as intended, request lands on https://hostname:444/privateArea  (this 
URL replaces unsecured URL in the location field of Mozilla)

Now, using I.E., if one types the same URL as above, this is what happens:
1. I.E. presents user the certificate.
2. user accepts the certificate.
3. I.E. prompts user for userid and password.
4. user enters valid userid and password.
5. I.E. respond with error page "Page cannot be displayed  ... Cannot find 
server or DNS Error" and the address field in I.E. is still 
However, if the URL https://hostname:444/privateArea is typed directly 
into I.E., everything works fine: certificate is presented, user is 
prompted for userid/password and the intended page is shown.

Here are the relevant parts of my configuration (running apache 2.0.48 on 
Solaris 2.6):

httpd.conf file
Listen 88
Listen 8181
Include /path/to/ssl.conf
      ServerName hostname:88
      DocumentRoot "/path/to/intranetDocumentRoot" 
      <Directory "/path/to/intranetPrivateArea">
              Options FollowSymLinks IncludesNOEXEC Indexes Multiviews
     Alias /privateArea "/path/to/intranetPrivateArea"
     RedirectPermanent /privateArea https://hostname:444/privateArea
     ServerName otherWebSite:8181
     DocumentRoot "/path/to/otherWebSite/documentRoot"

ssl.conf file
Listen 444
<VirtualHost _default_:444>
      ServerName hostname:444
      DocumentRoot "/path/to/intranetDocumentRoot"
      SSLEngine on
      <Directory "/path/to/intranetPrivateArea">
              Options FollowSymLinks IncludesNOEXEC Indexes Multiviews
              Order Deny,Allow
              Allow from all
              AuthType Basic
              AuthName "Intranet Private Area"
              AuthUserFile "/path/to/password/file"
             Require valid-user
      Alias /privateArea "/path/to/intranetPrivateArea" 


Shen C. Yang

Information Technology Specialist
Federal Reserve Bank of New York -
Tel: (212) 720 2857

Any comments or statements made in this transmission reflect the views of 
the sender and are not necessarily the views of the Federal Reserve Bank 
of New York.
View raw message