LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 10-06-2008, 08:42 PM   #1
keysorsoze
Member
 
Registered: Apr 2004
Location: Queens, NY
Distribution: Red Hat, Solaris
Posts: 295

Rep: Reputation: 30
Apache SSL untrusted certificate


Hi I currently have a web server running a *.example.com wildcard certificate from Network solutions, From what I understand *.example.com will serve anything except for the example.com as being trusted under SSL. The issue is visitors are hitting our site at https://example.com instead of https://www.example.com and getting a untrusted certificate warning or mismatch because example.com is not covered under the wild card right? So after speaking to network solutions they suggested that if I wanted https://example.com to be a valid trusted certificate I should rewrite the access of the users from https://example.com to https://www.example.com. So I came up with the following rule:

Options +FollowSymLinks
RewriteCond %{HTTP_HOST} !^www\.example\.com [NC]
RewriteRule ^(.*)$ http://www.example.com/$1 [R=301,L]

The rule works but I am still getting the untrusted cert error when I hit https://example.com. Can anyone chime in on what I can do to make https://example.com trusted rather than purchasing an entirely separate certificate? for "example.com"?

Thanks
 
Old 10-06-2008, 09:21 PM   #2
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Why are they hitting https://example.com instead of http://example.com in the first place?

Are they like specifically typing the "s" into their address bar?

Last edited by win32sux; 10-06-2008 at 09:23 PM.
 
Old 10-06-2008, 10:47 PM   #3
keysorsoze
Member
 
Registered: Apr 2004
Location: Queens, NY
Distribution: Red Hat, Solaris
Posts: 295

Original Poster
Rep: Reputation: 30
win32sux, Thanks for the reply, I don't know why the PHP developers coded it in since we have a login block on our primary page. Is this bad design? Should a domain never be hit directly with https://example.com? If this is a requirement of the site, can the problem I described be resolved?
 
Old 10-07-2008, 08:18 AM   #4
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Quote:
Originally Posted by keysorsoze View Post
win32sux, Thanks for the reply, I don't know why the PHP developers coded it in since we have a login block on our primary page. Is this bad design? Should a domain never be hit directly with https://example.com? If this is a requirement of the site, can the problem I described be resolved?
Then the fix should be easy: Have them edit the PHP code so that https://www.example.com is used instead of https://example.com and you're set. My guess is the login form is using that address.
 
Old 10-08-2008, 08:36 PM   #5
keysorsoze
Member
 
Registered: Apr 2004
Location: Queens, NY
Distribution: Red Hat, Solaris
Posts: 295

Original Poster
Rep: Reputation: 30
Thanks win32sux will advise on this fix.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
How to renew apache ssl certificate m2azer Linux - General 0 01-04-2008 11:26 AM
Problem Creating Apache SSL Certificate kaplan71 Linux - Software 0 12-27-2005 12:52 PM
apache-ssl certificate no good ocularbob Linux - Software 2 09-30-2003 04:37 PM
How to create new SSL certificate for apache ?? chuck77 Linux - General 7 05-15-2003 01:16 PM
2 certificate ssl in 1 server apache simquest Linux - Software 2 07-24-2002 11:47 AM


All times are GMT -5. The time now is 11:57 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration