Redirecting SSL without raising an alert

https apache-2.2 ssl mod-rewrite

A client has an SSL certificate only for the www.site.com version of the domain, not site.com.

Redirecting for regular HTTP was not a problem via mod_rewrite.

However, this method seemed to fail for us for HTTPS.

We want to redirect https://site.com requests to https://www.site.com.

Can this be done without raising an invalid certificate warning in the browser, or getting a wildcard certificate?


Solution 1:

No, it doesn't work that way.

The SSL transaction happens before any HTTP is sent, so the SSL warning will appear before any redirect can happen.

Actually, I don't believe a wildcard would work, either, since site.com and *.site.com are not the same. You may want to consider Subject Alternative Names on the certificate.

Related

Enforce SSH key passwords?
Internet Explorer 9 & 10 Group Policy Preferences missing
Gitlab not working with SSH Keys
Is there a replacement for the removed "Windows System Resource Manager" feature in the Windows Server 2012 R2 release?
Correctly setting the hostname - Fedora 20 on Amazon EC2
How to restore mysql database from the physical files?
Why don't people just use rsync to back up vmware guests?
MacOS keyboard layout not working on linux trough barrier(synergy)
Is there a way to run just save with firewalld in RHEL7?
Where & how can I see IIS7 log entries for a specific web site?
How to monitor CPU usage and performance on a Hyper-V server with several VM's
php-fpm.sock failed (11: Resource temporarily unavailable) while connecting to upstream