httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mike Soultanian <msoul...@csulb.edu>
Subject Re: [users@httpd] Question about SSL and Apache and a certificate error
Date Mon, 29 Sep 2008 22:04:33 GMT


Justin Pasher wrote:
>
> Actually, ignore everything I just said. All this time I thought that 
> was what apache was doing, but it's actually occurring after the 
> mismatched server name warning is presented. The rewrite rule will 
> still catch the request and redirect them to https://www.csulb.edu, 
> but not until after the warning has already been issued.
>
Heh, no worries ;)

However, I think you might be able to help me solve a few of the problem 
cases.  Here's what's going on.  I have a message forum running at 
http://www.csulb.edu/itforums.  When you hit the site there is an 
.htaccess directive that automatically redirects you to to the SSL 
version of the site:

RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

This works great, except when someone types csulb.edu/itforums in their 
browser.  They then get redirected to https://csulb.edu/itforums and 
receive a certificate error.  I can't really fix the case of someone 
typing https://csulb.edu/itforums (which will probably be rare), I can 
still take care of the other cases: having both 
http://www.csulb.edu/itforums and http://csulb.edu/itforums forward to 
https://www.csulb.edu/itforums.  I tried to do this but my rewrite 
statements don't seem to work right:

RewriteEngine on
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} !www
RewriteRule (.*) https://www.%{HTTP_HOST}%{REQUEST_URI}

RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} www
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

Here are some test pages where I've applied the above directives:

http://csulb.edu/projects/itforums/dev/ -> 
https://www.csulb.edu/projects/itforums/dev/
The above correctly updated the URL and is running SSL

http://www.csulb.edu/projects/itforums/dev/ -> 
http://www.csulb.edu/projects/itforums/dev/
The above doesn't work correctly as it doesn't go SSL

Notice the second case doesn't forward to https.  Any idea why?

Thanks!
Mike

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message