Forum Discussion

Michael_Farnan_'s avatar
Michael_Farnan_
Icon for Nimbostratus rankNimbostratus
May 25, 2007

Redirect HTTPs without error message.

For some reason a group of pamphlets got sent out for our website without the preceding www. I don't have a certificate for just the 2nd level domain name. So I am trying to find a way to redirect https requests without the client recieving an error. Below is what i've got but they still recieve an error stating the certificate does not match.

This redirects https request without www to an https request with www and the same path.
If a client is coming in without the www they are redirected to www
when HTTP_REQUEST {
if {([HTTP::host] equals "foo.com")}
{
log local0. "[IP::client_addr] was misdirected"
HTTP::redirect https://www.[getfield [HTTP::host] ":" 1][HTTP::uri]
}
}

1 Reply

  • If the client makes a request to the VIP with a host of foo.com and the cert you present to the client isn't for foo.com or *.foo.com, the browser will generate a cert mismatch error. It doesn't matter if you respond with HTTP content or an HTTP redirect to a domain you do have a cert for.

     

     

    In order to avoid the cert mismatch warning, you need to get a cert for foo.com or *.foo.com. However, I'm guessing that if you can't get a cert for foo.com you won't be able to get a wildcard cert for *.foo.com either.

     

     

    Aaron