[thelist] Revoked SSL

Fred Jones fredthejonester at gmail.com
Mon Jul 6 06:09:02 CDT 2009

> Or a more complete answer, if the first thing the browser receives
> when going to the https URL is a http redirect header sending it to
> the regular http site, then the browser will never request your
> invalid certificate, and it will be back to normal.
> Most web servers have a way of doing this.

This is a shared hosting Linux/Apache site. I tried this in .htaccess:

RewriteEngine on
RewriteBase /
RewriteCond %{HTTPS} =on
#RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /(.*)//(.*)\ HTTP/ [NC]
RewriteRule ^.*$ http://%{SERVER_NAME}/%1/%2 [R=301,L]

with and without that line commented but it doesn't help. :(

More information about the thelist mailing list