[thelist] Revoked SSL

Phil Turmel pturmel-webdev at turmel.org
Mon Jul 6 07:52:35 CDT 2009

Daniel Burke wrote:
> Or a more complete answer, if the first thing the browser receives
> when going to the https URL is a http redirect header sending it to
> the regular http site, then the browser will never request your
> invalid certificate, and it will be back to normal.
> Most web servers have a way of doing this.

Sorry, No.  The SSL security layer is "below" the http layer in an https 
connection, so the encryption failure happens before the GET or POST is 
even sent down the wire.

Closing port 443 will change the error to some form of "host not 
responding", but that's all you can do without a new certificate.



More information about the thelist mailing list