Reputation: 333
Cross-domain https redirect
I have a question regarding redirecting https requests.
Background
- Drupal multi-site administered via Aegir
- Apache server
- Shared IP; dynamic host-name resolution
The situation
I have a user with two domains pointing to the same site: foo.com and bar.com. Through Aegir, I am forwarding foo.com to bar.com. Requests for http://foo.com redirect to http://bar.com with no problem. The user also has a SSL that only covers bar.com, but not foo.com.
The question
On Apache (or, through Aegir) is it possible to forward https://foo.com requests to https://bar.com without throwing a certificate warning? Currently, anyone who makes a request to https://foo.com receives a certificate warning.
Many thanks for any expertise you can share!
Upvotes: 3
Views: 3674
Answers (3)
Reputation: 1393
Yes it is possible. There is the self-sufficient way and the easy way. :)
- Self sufficient way
Set up Let's Encrypt to automatically get an SSL certificate for foo.com on the machine that is running appache. You can now enable HTTPS for foo.com and have it forward both HTTP and HTTPS requests to bar.com
- Easy way
Use the free forwarding service https://redirect.pizza. They basically do the above for you. You tell them where to forward foo.com and then point foo.com DNS to them.
DISCLAIMER: I have nothing to do with redirect.pizza, I just really like their service. I was going to build the exact same service when I got frustrated that godaddy.com does not offer something like this, but then (luckily) found them and they did it perfectly to saved me the effort.
Upvotes: 1
Reputation: 2012
Yes it's possible. You need to validate using a Multi-Domain (SAN) Certificate. SAN stands for Subject Alternative Names.
You can either order one at Digicert for example, or create one for free using certbot and listing multiple domains on the command line, like so:
certbot certonly --manual -d foo.com -d www.foo.com -d bar.com -d www.bar.com --work-dir temp --logs-dir logs --config-dir config --preferred-challenges dns
Upvotes: 0
Reputation: 46040
No it's not possible.
When a browser requests a https site, the browser does the SSL negotiating first, and then handles the request (in this case returning the redirect).
So you need to have a valid cert for foo.com to pass that first stage.
Upvotes: 2
Related Questions
- .htaccess redirecting non SSL Domain to another SSL Domain
- Redirect One Domain To https 2nd Domain http
- htaccess ssl redirect on multidomain Website
- Rewrite HTTPS domain to another HTTPS domain - htaccess
- redirect to http to https for multiple domain
- Redirect an Old Domain to a New Domain with HTTPS in .htaccess
- Redirect from HTTPs to HTTP in Apache
- How to redirect from one http domain to another https domain via htaccess?
- Apache Https to Http Redirect
- Redirecting non-SSL domain to an SSL domain with a different TLD