Mobile app version of vmapp.org
Login or Join
Angela700

: Redirecting specific URL from HTTPS to HTTP Long time lurker, first time caller... I have a backend like admin.mysite.com which is able to use HTTPS (has a certificate installed, etc) - but

@Angela700

Posted in: #Apache #Http #Https #ModRewrite

Long time lurker, first time caller...

I have a backend like admin.mysite.com which is able to use HTTPS (has a certificate installed, etc) - but that admin portal is a CMS backend for a number of client sites (ie. clientsite.com) that are hosted on the same servers.

Everything works well here, but the problem is when a user tries to go to www.clientsite.com it complains about SSL (because of the wildcard one I have installed for *.mysite.com). I would like to figure out a way to take that request and have it redirected to HTTP instead so they do not see this certificate error.

I can't do this via SSL termination, as HAProxy decrypts the request at the load balancer level and does not pass it to the backend. Which is the only way HAProxy can read HTTP headers I believe, so the client would still see an SSL error here.

My only other thought is to try a rewrite rule in Apache - but a conditional one.

So for example *.mysite.com can go SSL - but any other request that doesn't have that domain needs to be forced back to HTTP without seeing that pesky certificate warning.

Is this possible?

10.02% popularity Vote Up Vote Down


Login to follow query

More posts by @Angela700

2 Comments

Sorted by latest first Latest Oldest Best

 

@Hamaas447

I would NOT do ssl unless it is a SHA2 official CERT and unless you have control of httaccess folder redirections.
Run a Google search for: "FORCING ssl via htaccess"

(Note that Google Chrome may show you an error on a CERT if it is a SHA1).

10% popularity Vote Up Vote Down


 

@Holmes151

My only other thought is to try a rewrite rule in Apache - but a conditional one.
:
Is this possible?


Unfortunately not. The user sees the certificate error long before the request hits your server-side code.

The only way to fix a certificate error is to fix the certificate. If this was not the case then security could be bypassed.


the problem is when a user tries to go to www.clientsite.com

Although, why is the user trying to go to ...? Are they following a link?

10% popularity Vote Up Vote Down


Back to top | Use Dark Theme