Insidious little SSL problem.

We have a server running Apache 2, and an SSL certificate installed. The
common name on the certificate includes the 'www' prefix for the domain.

We're trying to set up a redirect (or some rewrite) such that people
connecting via https, and who have omitted the 'www' prefix don't get an
SSL warning (name on certificate does not match the name of the site)

I've tried several iterations of a mod_rewrite clause to no avail.

Is there an elegant solution to this problem? Any help would be greatly
appreciated.

Thanks!

/Chris Fournier

On 10/25/2005 6:12 PM, C.Fournier wrote:
> We have a server running Apache 2, and an SSL certificate installed. The
> common name on the certificate includes the 'www' prefix for the domain.
>
> We're trying to set up a redirect (or some rewrite) such that people
> connecting via https, and who have omitted the 'www' prefix don't get an
> SSL warning (name on certificate does not match the name of the site)
>
> I've tried several iterations of a mod_rewrite clause to no avail.
>
> Is there an elegant solution to this problem? Any help would be greatly
> appreciated.

This common question can be solved in different ways. One such solution is as
follows:

RewriteEngine on

RewriteRule ^$ / [R]

RewriteCond %{HTTP_HOST} !^www\.example\.com [NC]
RewriteRule ^/(.*)$ http://www.example.com/$1 [L,R]

--
_________________________________________
Bob Smith -- bsmith@sudleydeplacespam.com
a.k.a. bsmith@dequalitasspam.com

To reply to me directly, delete "despam".

Bob Smith wrote:

> This common question can be solved in different ways. One such solution
> is as follows:
>
> RewriteEngine on
>
> RewriteRule ^$ / [R]
>
> RewriteCond %{HTTP_HOST} !^www\.example\.com [NC]
> RewriteRule ^/(.*)$ http://www.example.com/$1 [L,R]
>


I had almost exactly that but it doesn't seem to want to work.
Incidentally, the SSL side is configured within a virtual host
container, if that matters. I've tried the above both in the global
config, and within the container.

We keep getting the SSL warnings.

/C.Fournier

Bob Smith wrote:
> On 10/25/2005 6:12 PM, C.Fournier wrote:
>
>> We have a server running Apache 2, and an SSL certificate installed.
>> The common name on the certificate includes the 'www' prefix for the
>> domain.
>>
>> We're trying to set up a redirect (or some rewrite) such that people
>> connecting via https, and who have omitted the 'www' prefix don't get
>> an SSL warning (name on certificate does not match the name of the site)
>>
>> I've tried several iterations of a mod_rewrite clause to no avail.
>>
>> Is there an elegant solution to this problem? Any help would be
>> greatly appreciated.
>
>
> This common question can be solved in different ways. One such solution
> is as follows:
>
> RewriteEngine on
>
> RewriteRule ^$ / [R]
>
> RewriteCond %{HTTP_HOST} !^www\.example\.com [NC]
> RewriteRule ^/(.*)$ http://www.example.com/$1 [L,R]
>

Hi Bob,

Thank you, but we still have the problem. I've tried the above both
inside the virtual host container, and at the global level. I had tried
the same thing before, but thought maybe the syntax was wrong.

We continue to get the SSL warning.

/C.Fournier

C.Fournier wrote:
> Bob Smith wrote:
>
>> This common question can be solved in different ways. One such
>> solution is as follows:
>>
>> RewriteEngine on
>>
>> RewriteRule ^$ / [R]
>>
>> RewriteCond %{HTTP_HOST} !^www\.example\.com [NC]
>> RewriteRule ^/(.*)$ http://www.example.com/$1 [L,R]
>>
>
>
> I had almost exactly that but it doesn't seem to want to work.
> Incidentally, the SSL side is configured within a virtual host
> container, if that matters. I've tried the above both in the global
> config, and within the container.
>
> We keep getting the SSL warnings.
>

If the request uses https://example.com/, it will cause the browser to
show a warning since the certificate does not match. You may be using
rewrite to send them to https://www.example.com/ but the initial
connection is made to example.com.

Also, in the above, the RewriteRule should probably be to https:, not http:.

HTH,
Jim