[thelist] Revoked SSL
Daniel Burke
dan.p.burke at gmail.com
Mon Jul 6 10:43:30 CDT 2009
I seem to recall if you tell apache to listen for http on the https
port, and then put in something to send a location header the browser
will do the right thing, although it's been a while and I'm suspecting
my brain is just filling in gaps... it's feeling more and more like I
have the two the wrong way around.
On Mon, Jul 6, 2009 at 11:17 PM, Bob Meetin<bobm at dottedi.biz> wrote:
> Phil Turmel wrote:
>> Daniel Burke wrote:
>>
>>> Or a more complete answer, if the first thing the browser receives
>>> when going to the https URL is a http redirect header sending it to
>>> the regular http site, then the browser will never request your
>>> invalid certificate, and it will be back to normal.
>>>
>>> Most web servers have a way of doing this.
>>>
>> Sorry, No. The SSL security layer is "below" the http layer in an https
>> connection, so the encryption failure happens before the GET or POST is
>> even sent down the wire.
>>
>> Closing port 443 will change the error to some form of "host not
>> responding", but that's all you can do without a new certificate.
>>
>> HTH,
>>
>> Phil
>>
> I do not know the answer, but for what it's worth I might run this by
> the webhost provider and ask their suggestions. The support staff at
> hostgator, bluehost and some others are pretty smart and probably have
> run into this problem in the past.
>
> --
> Bob
>
> --
>
> * * Please support the community that supports you. * *
> http://evolt.org/help_support_evolt/
>
> For unsubscribe and other options, including the Tip Harvester
> and archives of thelist go to: http://lists.evolt.org
> Workers of the Web, evolt !
>
More information about the thelist
mailing list