How to redirect http to https on same server?

I'm trying to redirect users from http://vhost.mydomain.com to
https://vhost.mydomain.com using this RewriteRule:

RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^/(.*)$ https://cj-mydomain.choicepoint.net/$1 [L,R]


This does not seem to work. I have the following defined as a virtual
host, and the ssl.include is listed below that. What do I need to do to
redirect http to https on the same server?

-Thanks





#See file below
Include conf/conf.d/ssl.include

ErrorLog /usr/local/apache/logs/ssl_mydomain_error_log
CustomLog /usr/local/apache/logs/ssl_mydomain_access_log combined


ProxyRequests On

ProxyPass / http://vhost.mydomain.net:80/
ProxyPassReverse / http://vhost.mydomain.net:80/








########################### ssl.include

SSLEngine on

SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+e NULL

SSLCertificateFile
/usr/local/apache-1.3.37/conf/ssl.crt/star_mydomain_net.crt

SSLCertificateKeyFile
/usr/local/apache-1.3.37/conf/ssl.key/star_mydomain_net.key

SSLCertificateChainFile /usr/local/apache-1.3.37/conf/ssl.crt/DigiCertCA.crt


SSLOptions +StdEnvVars


SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0

____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

Re: How to redirect http to https on same server?

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Bernard Barton wrote:
> I'm trying to redirect users from http://vhost.mydomain.com to
> https://vhost.mydomain.com using this RewriteRule:

I just use:
RedirectPermanent / https://my.host.com

- --
Aaron Dalton | Super Duper Games
aaron@daltons.ca | http://superdupergames.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: My Key: http://biglumber.com/x/web?qs=8811d2a4
Comment: My Website: http://superdupergames.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkcOKiMACgkQvlYKTYgR0qTEtgCgwLPuqyWQAVhzzW1HqMlm INsT
8nMAn3YFo0IXz26eVTMmpWgQERT2jADQ
=lPRb
-----END PGP SIGNATURE-----
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

Re: How to redirect http to https on same server?

Bernard Barton wrote:
> I'm trying to redirect users from http://vhost.mydomain.com to
> https://vhost.mydomain.com using this RewriteRule:
>
> RewriteCond %{SERVER_PORT} !^443$
> RewriteRule ^/(.*)$ https://cj-mydomain.choicepoint.net/$1 [L,R]
>
>
> This does not seem to work. I have the following defined as a virtual
> host, and the ssl.include is listed below that. What do I need to do to
> redirect http to https on the same server?
>
> -Thanks
>
>
>
>
>
> #See file below
> Include conf/conf.d/ssl.include
>
> ErrorLog /usr/local/apache/logs/ssl_mydomain_error_log
> CustomLog /usr/local/apache/logs/ssl_mydomain_access_log combined
>
>
> ProxyRequests On
>
> ProxyPass / http://vhost.mydomain.net:80/
> ProxyPassReverse / http://vhost.mydomain.net:80/
>
>
>
>
>
>
>
>
> ########################### ssl.include
>
> SSLEngine on
>
> SSLCipherSuite
> ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+e NULL
>
> SSLCertificateFile
> /usr/local/apache-1.3.37/conf/ssl.crt/star_mydomain_net.crt
>
> SSLCertificateKeyFile
> /usr/local/apache-1.3.37/conf/ssl.key/star_mydomain_net.key
>
> SSLCertificateChainFile /usr/local/apache-1.3.37/conf/ssl.crt/DigiCertCA.crt
>
>
> SSLOptions +StdEnvVars
>
>
> SetEnvIf User-Agent ".*MSIE.*" \
> nokeepalive ssl-unclean-shutdown \
> downgrade-1.0 force-response-1.0
>
> ____________________________________________________________ __________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List modssl-users@modssl.org
> Automated List Manager majordomo@modssl.org
>


This is what I use (from internal documentation):
1. Redirect all HTTP requests to HTTPS
a. Load mod_rewrite (see:
http://httpd.apache.org/docs/1.3/mod/mod_rewrite.html )
b. Add the following rule to your non-HTTPS server configuration
(httpd.conf):
# Require HTTPS
RewriteEngine on
RewriteRule ^/(.*) https://${SERVER_NAME}/$1 [redirect=permanent]


Yours should work, too, though since it is only substantially different in two
(2) ways:
1. You don't have "RewriteEngine on" in the snippet, I assume you have it
somewhere though
2. You check SERVER_PORT against !^443$ (it would probably be better to check
the environment variable HTTPS, though) -- that should work.
--
Roy Keene (Contractor)
Office of Network Management (Code 7030.8)
Naval Research Laboratory
Stennis Space Center, MS 39529
DSN 828-4827

____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

RE: How to redirect http to https on same server?

I use this in the port 80 virtual host (or main section) to refer any
http request to https. The DocumentRoots should be the same or at least
point to a similar file system structure in the http and ssl
virtualhosts. It also informs proxies that it should cache the https
version and not the http due to the 301 response code.


RedirectMatch 301 (.*)$ https://servername.comain$1
=20


-----Original Message-----
From: owner-modssl-users@modssl.org
[mailto:owner-modssl-users@modssl.org] On Behalf Of Roy Keene
(Contractor)
Sent: Thursday, October 11, 2007 8:00 AM
To: modssl-users@modssl.org
Subject: Re: How to redirect http to https on same server?

Bernard Barton wrote:
> I'm trying to redirect users from http://vhost.mydomain.com to=20
> https://vhost.mydomain.com using this RewriteRule:
>=20
> RewriteCond %{SERVER_PORT} !^443$
> RewriteRule ^/(.*)$ https://cj-mydomain.choicepoint.net/$1 [L,R]
>=20
>=20
> This does not seem to work. I have the following defined as a virtual

> host, and the ssl.include is listed below that. What do I need to do=20
> to redirect http to https on the same server?
>=20
> -Thanks
>=20
>=20
>
>
>=20
> #See file below
> Include conf/conf.d/ssl.include
>=20
> ErrorLog /usr/local/apache/logs/ssl_mydomain_error_log
> CustomLog /usr/local/apache/logs/ssl_mydomain_access_log=20
> combined
>=20
>
> ProxyRequests On
>=20
> ProxyPass / http://vhost.mydomain.net:80/
> ProxyPassReverse / http://vhost.mydomain.net:80/
> =20
>=20
>
>=20
>
>
>=20
>=20
> ########################### ssl.include
>=20
> SSLEngine on
>=20
> SSLCipherSuite
> ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+e NULL
>=20
> SSLCertificateFile
> /usr/local/apache-1.3.37/conf/ssl.crt/star_mydomain_net.crt
>=20
> SSLCertificateKeyFile
> /usr/local/apache-1.3.37/conf/ssl.key/star_mydomain_net.key
>=20
> SSLCertificateChainFile=20
> /usr/local/apache-1.3.37/conf/ssl.crt/DigiCertCA.crt
>=20
>
> SSLOptions +StdEnvVars
>
>=20
> SetEnvIf User-Agent ".*MSIE.*" \
> nokeepalive ssl-unclean-shutdown \
> downgrade-1.0 force-response-1.0
>=20
> ____________________________________________________________ __________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List modssl-users@modssl.org
> Automated List Manager majordomo@modssl.org
>=20


This is what I use (from internal documentation):
1. Redirect all HTTP requests to HTTPS
a. Load mod_rewrite (see:
http://httpd.apache.org/docs/1.3/mod/mod_rewrite.html )
b. Add the following rule to your non-HTTPS server
configuration
(httpd.conf):
# Require HTTPS
RewriteEngine on
RewriteRule ^/(.*) https://${SERVER_NAME}/$1
[redirect=3Dpermanent]


Yours should work, too, though since it is only substantially different
in two
(2) ways:
1. You don't have "RewriteEngine on" in the snippet, I assume
you have it somewhere though
2. You check SERVER_PORT against !^443$ (it would probably be
better to check the environment variable HTTPS, though) -- that should
work.
--=20
Roy Keene (Contractor)
Office of Network Management (Code 7030.8)
Naval Research Laboratory
Stennis Space Center, MS 39529
DSN 828-4827

____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

Re: How to redirect http to https on same server?

Thanks for all the responses. But no matter what I do or where I place
a Rewrite or Redirect, I get the following error in Firefox:

((("The page isn't redirecting properly

Firefox has detected that the server is redirecting the request for this
address in a way that will never complete.

This problem can sometimes be caused by disabling or refusing to accept
cookies.")))


The page is redirected from http://myserver to https://myserver, but I
get the above message. I do have Firefox configured to accept cookies.
When I try to access the site using IE, it just hangs. Any suggestions
would be greatly appreciated.




Roy Keene (Contractor) wrote:
> Bernard Barton wrote:
>> I'm trying to redirect users from http://vhost.mydomain.com to
>> https://vhost.mydomain.com using this RewriteRule:
>>
>> RewriteCond %{SERVER_PORT} !^443$
>> RewriteRule ^/(.*)$ https://cj-mydomain.choicepoint.net/$1 [L,R]
>>
>>
>> This does not seem to work. I have the following defined as a virtual
>> host, and the ssl.include is listed below that. What do I need to do to
>> redirect http to https on the same server?
>>
>> -Thanks
>>
>>
>>
>>
>>
>> #See file below
>> Include conf/conf.d/ssl.include
>>
>> ErrorLog /usr/local/apache/logs/ssl_mydomain_error_log
>> CustomLog /usr/local/apache/logs/ssl_mydomain_access_log
>> combined
>>
>>
>> ProxyRequests On
>>
>> ProxyPass / http://vhost.mydomain.net:80/
>> ProxyPassReverse / http://vhost.mydomain.net:80/
>>
>>
>>
>>
>>
>>
>> ########################### ssl.include
>>
>> SSLEngine on
>>
>> SSLCipherSuite
>> ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+e NULL
>>
>> SSLCertificateFile
>> /usr/local/apache-1.3.37/conf/ssl.crt/star_mydomain_net.crt
>>
>> SSLCertificateKeyFile
>> /usr/local/apache-1.3.37/conf/ssl.key/star_mydomain_net.key
>>
>> SSLCertificateChainFile
>> /usr/local/apache-1.3.37/conf/ssl.crt/DigiCertCA.crt
>>
>>
>> SSLOptions +StdEnvVars
>>
>>
>> SetEnvIf User-Agent ".*MSIE.*" \
>> nokeepalive ssl-unclean-shutdown \
>> downgrade-1.0 force-response-1.0
>>
>> ____________________________________________________________ __________
>> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
>> User Support Mailing List modssl-users@modssl.org
>> Automated List Manager majordomo@modssl.org
>>
>
>
> This is what I use (from internal documentation):
> 1. Redirect all HTTP requests to HTTPS
> a. Load mod_rewrite (see:
> http://httpd.apache.org/docs/1.3/mod/mod_rewrite.html )
> b. Add the following rule to your non-HTTPS server configuration
> (httpd.conf):
> # Require HTTPS
> RewriteEngine on
> RewriteRule ^/(.*) https://${SERVER_NAME}/$1
> [redirect=permanent]
>
>
> Yours should work, too, though since it is only substantially
> different in two (2) ways:
> 1. You don't have "RewriteEngine on" in the snippet, I assume you
> have it somewhere though
> 2. You check SERVER_PORT against !^443$ (it would probably be
> better to check the environment variable HTTPS, though) -- that should
> work.

____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

Re: How to redirect http to https on same server?

On Thu, 11 Oct 2007, Bernard Barton wrote:

> Thanks for all the responses. But no matter what I do or where I place
> a Rewrite or Redirect, I get the following error in Firefox:
>
> ((("The page isn't redirecting properly
>
> Firefox has detected that the server is redirecting the request for this
> address in a way that will never complete.
>

Where are you attempting to put the RedirectPermanent directive? I assume
you have a plain virtual host entry for http://myhost. In that
container you put the RedirectPermanent / https://myhost
(which is of course in it's own container with all the ssl
stuff). Can you copy your http://myhost config?

--
Aaron Dalton
Super Duper Games
http://superdupergames.org
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org