[thelist] Redirect to correct SSL Host on Apache

Ken Schaefer Ken at adOpenStatic.com
Mon Oct 2 02:55:10 CDT 2006

: -----Original Message-----
: From: thelist-bounces at lists.evolt.org [mailto:thelist-
: bounces at lists.evolt.org] On Behalf Of Max Schwanekamp
: Subject: [thelist] Redirect to correct SSL Host on Apache
: Our site hosted on Apache 1.3 has an SSL certificate installed on the
: null
: host address, e.g. example.com (rather than, say,  www. or
: secure.example.com).  While the php script redirects the client to the
: correct host when clicking on links, sometimes people apparently type
: in
: https://www.example.com and get a security warning popup in their
: browser,
: because the certificate is good for example.com, but not for
: www.example.com.  So my question is, how can I redirect clients to the
: correct host without triggering a security warning in their browser?
: This Apache 1.3.  I have access to both .htaccess and httpd.conf.  TIA!

Since the SSL handshake occurs before anything happens HTTP wise, I'm not
sure there is anything you can do except:
a) get a wildcard cert that matches both example.com and www.example.com
b) setup two hosts (www.example.com and example.com), and get two
certificates. Redirect from one to the other

But not being an Apache expert, my advice could be off-base. Maybe there is
some way of doing this that I don't know about.


My Blog: www.adOpenStatic.com/cs/blogs/ken

More information about the thelist mailing list