[ILUG] apache2 mod_rewrite

Kae Verens kae at verens.com
Fri Jun 20 16:45:26 IST 2008 

either way, it won't work, as when you access a server through https, 
the first thing that the server does is check the certificate, ignoring 
the host name that you used. In fact, when using https, the host name is 
not used at any point by the server, even if you're normally using 
virtualhosts.

as far as I know, there is no way to do this.

some people will of course know better.

Kae

Luke Mallon wrote:
> Hey Marcus,
> First post to ilug. Don't know much about mod rewrite but would it not be
> better to write the rewrite rule like this?
> 
> RewriteRule ^http([s]?)://host/([a-zA-Z0-9]*)$ https://host.fqdn.com/$2
> 
> Luke
> 
> 2008/6/20 Marcus Furlong <furlongm at hotmail.com>:
> 
>> Hi list,
>>
>> I've been playing around with a .htaccess file and mod_rewrite, but I can't
>> get it to do what i want. Which is..
>>
>> [1] http://host redirects to https://host.fqdn.com
>> [2] https://host redirects to https://host.fqdn.com
>>
>> The reason I'm trying to do this is that firefox 3 gives an error page now
>> instead of the certificate warning of firefox 1 or 2, when not accessing
>> the server by the fqdn. So I'd like to fix this using rewrite rules on the
>> server before rolling out firefox 3. The firefox 3 error page says:
>>
>>  Secure Connection Failed
>>  'host' uses an invalid security certificate.
>>  The certificate is not valid for any server names.
>>  (Error code: ssl_error_bad_cert_domain)
>>
>> My .htaccess contains
>>
>> RewriteEngine On
>> RewriteCond %{HTTP_HOST} !host.fqdn.com
>> RewriteRule ^(.*) https://host.fqdn.com%{REQUEST_URI} [R=301]
>> RewriteCond %{HTTPS} off
>> RewriteRule ^(.*) https://host.fqdn.com%{REQUEST_URI} [R=301,L]
>>
>> which works for [1] but not for [2]. Is it possible to get the second case
>> to work?
>>
>> Marcus.
>>
>> --
>> Irish Linux Users' Group mailing list
>> About this list : http://mail.linux.ie/mailman/listinfo/ilug
>> Who we are : http://www.linux.ie/
>> Where we are : http://www.linux.ie/map/
>>


-- 
Kae Verens' signature
http://webworks.ie/    lead programmer
http://verens.com/     my blog
http://kfm.verens.com/ current project
--
this is Kae's signature's signature.
--
Kae's signature's signature does not get one though

More information about the ILUG mailing list