I use this in the port 80 virtual host (or main section) to refer any http request to https. The DocumentRoots should be the same or at least point to a similar file system structure in the http and ssl virtualhosts. It also informs proxies that it should cache the https version and not the http due to the 301 response code.
<Location /> RedirectMatch 301 (.*)$ https://servername.comain$1 </Location> -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Roy Keene (Contractor) Sent: Thursday, October 11, 2007 8:00 AM To: modssl-users@modssl.org Subject: Re: How to redirect http to https on same server? Bernard Barton wrote: > I'm trying to redirect users from http://vhost.mydomain.com to > https://vhost.mydomain.com using this RewriteRule: > > RewriteCond %{SERVER_PORT} !^443$ > RewriteRule ^/(.*)$ https://cj-mydomain.choicepoint.net/$1 [L,R] > > > This does not seem to work. I have the following defined as a virtual > host, and the ssl.include is listed below that. What do I need to do > to redirect http to https on the same server? > > -Thanks > > > <IfDefine SSL> > <VirtualHost 178.45.221.41:443> > > #See file below > Include conf/conf.d/ssl.include > > ErrorLog /usr/local/apache/logs/ssl_mydomain_error_log > CustomLog /usr/local/apache/logs/ssl_mydomain_access_log > combined > > <IfModule mod_proxy.c> > ProxyRequests On > > ProxyPass / http://vhost.mydomain.net:80/ > ProxyPassReverse / http://vhost.mydomain.net:80/ > > > </IfModule> > > </VirtualHost> > </IfDefine> > > > ########################### ssl.include > > SSLEngine on > > SSLCipherSuite > ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL > > SSLCertificateFile > /usr/local/apache-1.3.37/conf/ssl.crt/star_mydomain_net.crt > > SSLCertificateKeyFile > /usr/local/apache-1.3.37/conf/ssl.key/star_mydomain_net.key > > SSLCertificateChainFile > /usr/local/apache-1.3.37/conf/ssl.crt/DigiCertCA.crt > > <Files ~ "\.(cgi|shtml|phtml|php3|roc|rock?)$"> > SSLOptions +StdEnvVars > </Files> > > SetEnvIf User-Agent ".*MSIE.*" \ > nokeepalive ssl-unclean-shutdown \ > downgrade-1.0 force-response-1.0 > > ______________________________________________________________________ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List modssl-users@modssl.org > Automated List Manager [EMAIL PROTECTED] > This is what I use (from internal documentation): 1. Redirect all HTTP requests to HTTPS a. Load mod_rewrite (see: http://httpd.apache.org/docs/1.3/mod/mod_rewrite.html ) b. Add the following rule to your non-HTTPS server configuration (httpd.conf): # Require HTTPS RewriteEngine on RewriteRule ^/(.*) https://${SERVER_NAME}/$1 [redirect=permanent] Yours should work, too, though since it is only substantially different in two (2) ways: 1. You don't have "RewriteEngine on" in the snippet, I assume you have it somewhere though 2. You check SERVER_PORT against !^443$ (it would probably be better to check the environment variable HTTPS, though) -- that should work. -- Roy Keene (Contractor) Office of Network Management (Code 7030.8) Naval Research Laboratory Stennis Space Center, MS 39529 DSN 828-4827 ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager [EMAIL PROTECTED]