Reputation: 83
Redirect from HTTPs to HTTP in Apache
I got several sites running under the same IP with name-based virtual host support activated:
- myexamplesite0.com <-- HTTP
- myexamplesite1.com <-- HTTPs
- myexamplesite2.com <-- HTTP
In my apache config (/etc/apache2/sites-available/default-ssl) I have a rewrite rule to redirect requests from HTTPs to HTTP.
<VirtualHost *:443>
<IfModule mod_rewrite.c>
RewriteEngine On
# Redirect to HTTP
RewriteCond %{HTTPS} on
RewriteCond %{HTTP_HOST} !^(www\.)?myexamplesite1\.com [NC]
RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} [R,L]
</IfModule>
[...]
As you see, everything exept for myexamplesite1.com gets redirected to a HTTP-version.
Now, the problem is, that if I type https://myexamplesite2.com, the browser first asks for the confirmation of the snake-oil certificate (i.e. the requrest lands in default-ssl). Once the certificate is accepted, the redirection to the HTTP version takes place. I just don't get why.
I want the redirection first resp. without the certificate issue. Is that possible? What am I missing?
I would accept to show a non-existent HTTPs-site as well, if this is necessary.
Upvotes: 0
Views: 152
Answers (1)
Reputation: 584
If I understand you correctly you want to redirect the client to HTTP site before the browser shows the "Bad certificate/No CA" warning.
But their is a problem... SSL/TLS is lower down in the network stack than HTTP. After you have a secure socket only then the HTTP protocol is kicked in.
So no. you cannot do that, otherwise HTTPS will be totally broken to MITM attacks...
Upvotes: 1
Related Questions
- Https to http redirect using htaccess
- How do you redirect HTTPS to HTTP?
- Redirect a website from http to https
- Redirect HTTP to HTTPS Apache2
- Apache redirect from http to https
- SSL http to https redirection using drupal
- Redirecting http to https
- Apache Https to Http Redirect
- how to redirect https requests to http
- https to http redirect