[thelist] Revoked SSL

Daniel Burke dan.p.burke at gmail.com
Mon Jul 6 10:43:30 CDT 2009

I seem to recall if you tell apache to listen for http on the https
port, and then put in something to send a location header the browser
will do the right thing, although it's been a while and I'm suspecting
my brain is just filling in gaps... it's feeling more and more like I
have the two the wrong way around.

On Mon, Jul 6, 2009 at 11:17 PM, Bob Meetin<bobm at dottedi.biz> wrote:
> Phil Turmel wrote:
>> Daniel Burke wrote:
>>> Or a more complete answer, if the first thing the browser receives
>>> when going to the https URL is a http redirect header sending it to
>>> the regular http site, then the browser will never request your
>>> invalid certificate, and it will be back to normal.
>>> Most web servers have a way of doing this.
>> Sorry, No.  The SSL security layer is "below" the http layer in an https
>> connection, so the encryption failure happens before the GET or POST is
>> even sent down the wire.
>> Closing port 443 will change the error to some form of "host not
>> responding", but that's all you can do without a new certificate.
>> HTH,
>> Phil
> I do not know the answer, but for what it's worth I might run this by
> the webhost provider and ask their suggestions.  The support staff at
> hostgator, bluehost and some others are pretty smart and probably have
> run into this problem in the past.
> --
> Bob
> --
> * * Please support the community that supports you.  * *
> http://evolt.org/help_support_evolt/
> For unsubscribe and other options, including the Tip Harvester
> and archives of thelist go to: http://lists.evolt.org
> Workers of the Web, evolt !

More information about the thelist mailing list