Mailing-List: contact users-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: users@httpd.apache.org
Received-SPF: pass (athena.apache.org: domain of msoultan@csulb.edu designates
 134.139.1.35 as permitted sender)
Message-ID: <48E150F1.5030600@csulb.edu>
Date: Mon, 29 Sep 2008 15:04:33 -0700
From: Mike Soultanian <msoultan@csulb.edu>
User-Agent: Thunderbird 2.0.0.17 (Windows/20080914)
MIME-Version: 1.0
To: users@httpd.apache.org
References: <48E139BA.4080709@csulb.edu>
 <48E143AC.5050605@newmediagateway.com> <48E14842.7000208@csulb.edu>
 <48E14B61.7080802@newmediagateway.com> <48E14E14.6050507@newmediagateway.com>
In-Reply-To: <48E14E14.6050507@newmediagateway.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: [users@httpd] Question about SSL and Apache and a certificate
 error


Justin Pasher wrote:
>
> Actually, ignore everything I just said. All this time I thought that 
> was what apache was doing, but it's actually occurring after the 
> mismatched server name warning is presented. The rewrite rule will 
> still catch the request and redirect them to https://www.csulb.edu, 
> but not until after the warning has already been issued.
>
Heh, no worries ;)

However, I think you might be able to help me solve a few of the problem 
cases.  Here's what's going on.  I have a message forum running at 
http://www.csulb.edu/itforums.  When you hit the site there is an 
.htaccess directive that automatically redirects you to to the SSL 
version of the site:

RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

This works great, except when someone types csulb.edu/itforums in their 
browser.  They then get redirected to https://csulb.edu/itforums and 
receive a certificate error.  I can't really fix the case of someone 
typing https://csulb.edu/itforums (which will probably be rare), I can 
still take care of the other cases: having both 
http://www.csulb.edu/itforums and http://csulb.edu/itforums forward to 
https://www.csulb.edu/itforums.  I tried to do this but my rewrite 
statements don't seem to work right:

RewriteEngine on
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} !www
RewriteRule (.*) https://www.%{HTTP_HOST}%{REQUEST_URI}

RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} www
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

Here are some test pages where I've applied the above directives:

http://csulb.edu/projects/itforums/dev/ -> 
https://www.csulb.edu/projects/itforums/dev/
The above correctly updated the URL and is running SSL

http://www.csulb.edu/projects/itforums/dev/ -> 
http://www.csulb.edu/projects/itforums/dev/
The above doesn't work correctly as it doesn't go SSL

Notice the second case doesn't forward to https.  Any idea why?

Thanks!
Mike

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org