On 2015-03-12 at 13:32 -0700, Robert Hajime Lanning wrote:
> Unless both the server and client support SNI.
The only clients which don't are MSIE on Windows XP (or earlier) and
ancient Android (2.something), right? And other stuff so ancient that
the users are hosed with unfixed security vulnerab
Behalf Of Robert Hajime Lanning
Sent: Thursday, March 12, 2015 4:33 PM
To: tech@lists.lopsa.org
Subject: Re: [lopsa-tech] Apache rewrite rule not transforming URL as desired
I just forgo the RewriteCond in *:80 and use:
RewriteRule ^ https://fully.qualified.name%{REQUEST_URI} [R,L]
If you ge
I just forgo the RewriteCond in *:80 and use:
RewriteRule ^ https://fully.qualified.name%{REQUEST_URI} [R,L]
If you get a connection on port 80 and you are not configured to talk
SSL on that port, and you want EVERYTHING to use HTTPS, then just one
rewrite rule works great.
For *:443 it is
To avoid this issue in IIS, we used two separate rules in the correct
order. The first rule redirect host to host.domain.com. The next rule in
the sequence was the HTTPs redirect rule.
-D
On Thu, Mar 12, 2015 at 2:29 PM, Robert Hajime Lanning
wrote:
> If you access the site via https://webserver
If you access the site via https://webserver01, then the certificate
mismatch error will happen before the HTTP transaction (and redirect)
can happen.
This is the same for http://webserver01, since your redirect to HTTPS
does not rewrite the hostname.
On 03/12/15 11:01, Will Dennis wrote:
H
Hi all,
I have an Apache site running that should only be accessed via HTTPS. What we
wish to ensure is that if the site is called by it's DNS shortname (example,
`https://webserver01` rather than `https://webserver01.mycompany.com`, that the
URL request is rewritten to be for "https://webserve
