Bernard Barton wrote:
I'm trying to redirect users from http://vhost.mydomain.com to
https://vhost.mydomain.com using this RewriteRule:
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^/(.*)$ https://cj-mydomain.choicepoint.net/$1 [L,R]
This does not seem to work. I have the following defined as a virtual
host, and the ssl.include is listed below that. What do I need to do to
redirect http to https on the same server?
-Thanks
<IfDefine SSL>
<VirtualHost 178.45.221.41:443>
#See file below
Include conf/conf.d/ssl.include
ErrorLog /usr/local/apache/logs/ssl_mydomain_error_log
CustomLog /usr/local/apache/logs/ssl_mydomain_access_log combined
<IfModule mod_proxy.c>
ProxyRequests On
ProxyPass / http://vhost.mydomain.net:80/
ProxyPassReverse / http://vhost.mydomain.net:80/
</IfModule>
</VirtualHost>
</IfDefine>
########################### ssl.include
SSLEngine on
SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile
/usr/local/apache-1.3.37/conf/ssl.crt/star_mydomain_net.crt
SSLCertificateKeyFile
/usr/local/apache-1.3.37/conf/ssl.key/star_mydomain_net.key
SSLCertificateChainFile /usr/local/apache-1.3.37/conf/ssl.crt/DigiCertCA.crt
<Files ~ "\.(cgi|shtml|phtml|php3|roc|rock?)$">
SSLOptions +StdEnvVars
</Files>
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager [EMAIL PROTECTED]
This is what I use (from internal documentation):
1. Redirect all HTTP requests to HTTPS
a. Load mod_rewrite (see:
http://httpd.apache.org/docs/1.3/mod/mod_rewrite.html )
b. Add the following rule to your non-HTTPS server configuration
(httpd.conf):
# Require HTTPS
RewriteEngine on
RewriteRule ^/(.*) https://${SERVER_NAME}/$1
[redirect=permanent]
Yours should work, too, though since it is only substantially different in two
(2) ways:
1. You don't have "RewriteEngine on" in the snippet, I assume you have it
somewhere though
2. You check SERVER_PORT against !^443$ (it would probably be better to check
the environment variable HTTPS, though) -- that should work.
--
Roy Keene (Contractor)
Office of Network Management (Code 7030.8)
Naval Research Laboratory
Stennis Space Center, MS 39529
DSN 828-4827
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager [EMAIL PROTECTED]