SSL Certificates and Redirection

by

Both, because the redirection is an HTTP-level thing which happens inside the SSL envelope. The client needs to establish an SSL connection to the original host name before it sees the redirect, then after following the redirect it must establish another SSL connection to the target host name.

If you’re redirecting between the www and non-www forms of the same domain, it’s often the case that one certificate will cover both (using the “subject alternative name” mechanism). For example, I have a site with a certificate from RapidSSL, and when you ask them for a certificate securing www.example.com they automatically issue it with a SAN for the plain example.com form included. I have a single Apache HTTPD with two name-based virtual host definitions on the same IP address pointing to the same certificate.

More Related Contents:

  1. Heroku NodeJS http to https ssl forced redirect
  2. Cloudfront redirect www to naked domain with ssl [closed]
  3. Nginx Redirect HTTP to HTTPS and non-www to ww
  4. Nginx no-www to www and www to no-www
  5. What is the difference between redirect and navigation/forward and when to use what?
  6. URL Fragment and 302 redirects
  7. How can I move a URL via 301 redirect and retain the page’s Facebook likes and Open Graph information?
  8. How to redirect to an external URL in Angular2?
  9. How do you redirect HTTPS to HTTP?
  10. nginx: rewrite a LOT (2000+) of urls with parameters
  11. Google OAuth 2.0 redirect_uri with several parameters
  12. How to redirect a URL in Nginx
  13. Force HTTPS for specific URL
  14. How to redirect stderr to null in cmd.exe
  15. How to pass model attributes from one Spring MVC controller to another controller?
  16. Force SSL/HTTPS with mod_rewrite [duplicate]
  17. apache redirect http to https and www to non www
  18. How to force SSL / https in Express.js
  19. Redirecting EC2 Elastic Load Balancer from HTTP to HTTPS
  20. GDB print to file instead of stdout
  21. DNS Records Redirect www to non-www
  22. Break javascript before an inline javascript redirect in Chrome
  23. Amazon S3 Redirect and Cloudfront
  24. How to stop redirected URL from being masked?
  25. Heroku/GoDaddy: send naked domain to www [closed]
  26. How to redirect to a different domain using Nginx?
  27. Intercepting backend 301/302 redirects (proxy_pass) and rewriting to another location block possible?
  28. iis url redirect http to non www https [duplicate]
  29. Redirect to ‘www’ before ssl requirement
  30. FOSUserBundle : Redirect the user after register with EventListener

Leave a Comment