Hi all,

I have an Apache site running that should only be accessed via HTTPS. What we 
wish to ensure is that if the site is called by its DNS shortname (for example, 
`https://webserver01` rather than `https://webserver01.mycompany.com`), the 
URL request is rewritten to be for `https://webserver01.mycompany.com`, and 
also that if the URL has the `http://` protocol, it is rewritten to `https://`.

In the conf file for this site, we have the following rewrite rules:

    (in httpd.conf:)
    <VirtualHost *:80>
      RequestHeader set X-Forwarded-Proto "http"
      RewriteEngine On
      RewriteCond   %{HTTP:X-Forwarded-Proto} !https
      RewriteRule   (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
    </VirtualHost>

    (and in the include file ssl.conf:)
    RewriteEngine on
    RewriteCond %{HTTP_HOST}   !^webserver01\.mycompany\.com [NC]
    RewriteCond %{HTTP_HOST}   !^$
    RewriteRule ^(.*)$ https://webserver01.mycompany.com$1 [r=301,nc]

What is happening is that if I call the site as 
`http://webserver01.mycompany.com`, the URL is indeed transformed into 
`https://webserver01.mycompany.com` and the SSL connection works fine (no 
errors.) However, if I form the URL as either `http://webserver01` or 
`https://webserver01`, it does not get rewritten correctly (it does switch the 
proto to HTTPS, but doesn't rewrite the rest of the URL), and I get a resulting 
SSL error (`NET::ERR_CERT_COMMON_NAME_INVALID` in Chrome) since the certificate 
has the common name of `webserver01.mycompany.com`.

I have tested the ssl.conf rewrite rule via the site 
http://htaccess.madewithlove.be/ and it is doing the correct rewrite... So is 
it an order-of-operations problem or something? (Please excuse my ignorance with 
Apache and mod_rewrite, haven't had to admin an Apache site for many moons 
now...)

Thanks,
Will
_______________________________________________
Tech mailing list
Tech@lists.lopsa.org
https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
 http://lopsa.org/
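
An added example, not part of the original post: a small Python model of the redirect chain described above, showing that a browser checks the certificate name during the TLS handshake, before the rewrite rule in ssl.conf ever sees the request. `port80_canonical` and the extra certificate name used in the last case are hypothetical alternatives, not configuration from the post.

```python
from urllib.parse import urlsplit

CANONICAL = "webserver01.mycompany.com"   # hostname from the post
CERT_NAMES = {CANONICAL}                  # certificate common name, per the post

def port80_as_posted(host, path):
    # RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
    # The X-Forwarded-Proto condition is always true here, so the rule always fires.
    return f"https://{host}{path}"

def port80_canonical(host, path):
    # Hypothetical alternative: redirect straight to the canonical name.
    return f"https://{CANONICAL}{path}"

def ssl_conf_as_posted(host, path):
    # RewriteCond %{HTTP_HOST} !^webserver01\.mycompany\.com [NC], and host not empty
    if host and not host.lower().startswith(CANONICAL):
        return f"https://{CANONICAL}{path}"
    return None  # no redirect: the page is served

def trace(url, port80_rule, cert_names=CERT_NAMES, max_hops=5):
    """Follow redirects as a browser would; return a list of (url, outcome)."""
    hops = []
    for _ in range(max_hops):
        parts = urlsplit(url)
        host, path = parts.hostname, parts.path or "/"
        if parts.scheme == "http":
            hops.append((url, "redirect"))
            url = port80_rule(host, path)
            continue
        # HTTPS: the handshake and certificate name check come first. On a
        # mismatch the browser stops, so no HTTP request reaches mod_rewrite.
        if host not in cert_names:
            hops.append((url, "cert-name-mismatch"))
            return hops
        nxt = ssl_conf_as_posted(host, path)
        hops.append((url, "redirect" if nxt else "served"))
        if nxt is None:
            return hops
        url = nxt
    return hops

if __name__ == "__main__":
    for rule in (port80_as_posted, port80_canonical):
        print(rule.__name__, trace("http://webserver01/app", rule))
```

In this model `https://webserver01` only reaches the ssl.conf rule when the certificate also carries the short name; a redirect cannot repair a name mismatch that occurs at the handshake.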
