Question about HTTPS without SSL???

Question about HTTPS without SSL???

am 04.03.2010 23:07:30 von unknown

Hello.

I am trying to redirect HTTPS connections to HTTP like:

https:www.mydomain.com -> http:www.mydomain.com (but I need not to show the=
invalid certificate page)

I simply try:

RewriteCond %{HTTP_HOST} ^www.mydomain.com [NC]
RewriteRule ^(.*)$ http://www.mydomain.com/$1 [L=2CR=3D301]

My problem is that browser show that I dont have a valid certificate for my=
first SSL connection....

There is a way for to redirect HTTPS before SSL or make any ... for not to =
show this "not valid certificate page" to the user?

I am trying to setup a virtual domain on the 443 port with the SSLengine of=
f but it does not works.

Any idea?=2C any help would be very apreciated.

Thanks a lot
---
Francisco Javier Morales L=F3pez de Gamarra
Malaga - Spain =20
____________________________________________________________ _____
Ahora Messenger en tu Blackberry=AE 8520 con Movistar por 0 =A4. =BFA qu=E9=
esperas?
http://serviciosmoviles.es.msn.com/messenger/blackberry.aspx =

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: Question about HTTPS without SSL???

am 04.03.2010 23:15:12 von Eric Covener

> There is a way for to redirect HTTPS before SSL or make any ... for not to show this "not valid certificate page" to the user?

No.

--
Eric Covener
covener@gmail.com

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

RE: Question about HTTPS without SSL???

am 05.03.2010 08:28:22 von unknown

So something like this is not possible? and apache answer=20


ServerName www.mydomain.com
CustomLog /var/log/apache2/access.log combined
ErrorLog /var/log/apache2/error.log
DocumentRoot /var/www/web/portal
SSLEngine off
#####################################################

=20
I am trying but I have this in my logs...
=20
/0.9.8c (internal dummy connection)"
::1 - - [05/Mar/2010:08:17:05 +0100] "GET / HTTP/1.0" 302 - "-" "Apache/2.2=
..3 (Debian) PHP/4.4.4-8+etch6 mod_ssl/2.2.3 OpenSSL/0.9.8c (internal dummy =
connection)"

Assumed that is how apache works=20

=20
=20

> From: fmorales_htw@hotmail.com
> To: users@httpd.apache.org
> Subject: Question about HTTPS without SSL???
> Date: Thu=2C 4 Mar 2010 23:07:30 +0100
>=20
>=20
>=20
> Hello.
>=20
> I am trying to redirect HTTPS connections to HTTP like:
>=20
> https:www.mydomain.com -> http:www.mydomain.com (but I need not to show t=
he invalid certificate page)
>=20
> I simply try:
>=20
> RewriteCond %{HTTP_HOST} ^www.mydomain.com [NC]
> RewriteRule ^(.*)$ http://www.mydomain.com/$1 [L=2CR=3D301]
>=20
> My problem is that browser show that I dont have a valid certificate for =
my first SSL connection....
>=20
> There is a way for to redirect HTTPS before SSL or make any ... for not t=
o show this "not valid certificate page" to the user?
>=20
> I am trying to setup a virtual domain on the 443 port with the SSLengine =
off but it does not works.
>=20
> Any idea?=2C any help would be very apreciated.
>=20
> Thanks a lot
> ---
> Francisco Javier Morales L=F3pez de Gamarra
> Malaga - Spain=20
> ____________________________________________________________ _____
> Ahora Messenger en tu Blackberry=AE 8520 con Movistar por 0 =A4. =BFA qu=
=E9 esperas?
> http://serviciosmoviles.es.msn.com/messenger/blackberry.aspx =20
____________________________________________________________ _____
Escucha a quienes ya han probado Windows 7 =A1Hazlo aqu=ED!
http://www.sietesunpueblodeexpertos.com/index_windows7.html=

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

RE: RE: Question about HTTPS without SSL???

am 05.03.2010 09:00:19 von unknown

Because ..... could I try to use a ErrorDocument or Redirect 302=20
=20
directive for inform that the page is not available and that try woth no ss=
l address?
=20


----------------------------------------
> From: fmorales_htw@hotmail.com
> To: users@httpd.apache.org
> Date: Fri=2C 5 Mar 2010 08:28:22 +0100
> Subject: [users@httpd] RE: Question about HTTPS without SSL???
>
>
> So something like this is not possible? and apache answer
>
>=20
> ServerName www.mydomain.com
> CustomLog /var/log/apache2/access.log combined
> ErrorLog /var/log/apache2/error.log
> DocumentRoot /var/www/web/portal
> SSLEngine off
> #####################################################
>=20
>
> I am trying but I have this in my logs...
>
> /0.9.8c (internal dummy connection)"
> ::1 - - [05/Mar/2010:08:17:05 +0100] "GET / HTTP/1.0" 302 - "-" "Apache/2=
..2.3 (Debian) PHP/4.4.4-8+etch6 mod_ssl/2.2.3 OpenSSL/0.9.8c (internal dumm=
y connection)"
>
> Assumed that is how apache works
>
>
>
>
>> From: fmorales_htw@hotmail.com
>> To: users@httpd.apache.org
>> Subject: Question about HTTPS without SSL???
>> Date: Thu=2C 4 Mar 2010 23:07:30 +0100
>>
>>
>>
>> Hello.
>>
>> I am trying to redirect HTTPS connections to HTTP like:
>>
>> https:www.mydomain.com -> http:www.mydomain.com (but I need not to show =
the invalid certificate page)
>>
>> I simply try:
>>
>> RewriteCond %{HTTP_HOST} ^www.mydomain.com [NC]
>> RewriteRule ^(.*)$ http://www.mydomain.com/$1 [L=2CR=3D301]
>>
>> My problem is that browser show that I dont have a valid certificate for=
my first SSL connection....
>>
>> There is a way for to redirect HTTPS before SSL or make any ... for not =
to show this "not valid certificate page" to the user?
>>
>> I am trying to setup a virtual domain on the 443 port with the SSLengine=
off but it does not works.
>>
>> Any idea?=2C any help would be very apreciated.
>>
>> Thanks a lot
>> ---
>> Francisco Javier Morales L=F3pez de Gamarra
>> Malaga - Spain
>> ____________________________________________________________ _____
>> Ahora Messenger en tu Blackberry=AE 8520 con Movistar por 0 =A4. =BFA qu=
=E9 esperas?
>> http://serviciosmoviles.es.msn.com/messenger/blackberry.aspx
> ____________________________________________________________ _____
> Escucha a quienes ya han probado Windows 7 =A1Hazlo aqu=ED!
> http://www.sietesunpueblodeexpertos.com/index_windows7.html
> ------------------------------------------------------------ ---------
> The official User-To-User support forum of the Apache HTTP Server Project=
..
> See for more info.
> To unsubscribe=2C e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands=2C e-mail: users-help@httpd.apache.org
> =20
____________________________________________________________ _____
Recibe en tu m=F3vil un SMS con tu Hotmail recibido. =A1Date de alta ya!
http://serviciosmoviles.es.msn.com/=

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: RE: Question about HTTPS without SSL???

am 05.03.2010 09:45:14 von Philip Wigg

On 5 March 2010 08:00, Francisco Javier Morales L=F3pez de Gamarra
wrote:
>
> Because ..... could I try to use a ErrorDocument or Redirect 302
>
> directive for inform that the page is not available and that try woth no =
ssl address?

It's not possible because the SSL negotiation takes place before the
HTTP request. So to send a page of HTML, or a 301 or 302 redirect then
you'd already have to have completed the SSL negotiation and this
means that the user will already have been warned if you don't have a
valid SSL certificate.

Turning SSLEngine too 'off' won't help either as a browser connecting
to a https site is expecting SSL so you'll just get an error. There
really is no way to avoid getting the browser warning if you don't
have a valid cert, whilst still connecting with SSL.

Cheers,
Phil.

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

RE: RE: Question about HTTPS without SSL???

am 05.03.2010 09:57:16 von unknown

Ok=2C but Could I disable SSL with SSLEngine off and define and Errorpage
for this condition and show it?
=20
Because now=2C I can see on the log that a "302" code is answered... so I w=
ould like to redirecto=20
to a no HTTPS url or inform user with a no ssl page=20
=20
192.168.15.65 - - [05/Mar/2010:09:49:43 +0100] "\x16\x03\x01" 302 - "-" "-"
192.168.15.65 - - [05/Mar/2010:09:49:43 +0100] "\x16\x03" 302 - "-" "-"
=20
Could I define a 302 error page ? with ErrorDocumet or try Redirect 302 ..=
..
=20
I am trying and it does not works...
=20
Thanks a million and sorry my insistence

----------------------------------------
> Date: Fri=2C 5 Mar 2010 08:45:14 +0000
> From: phil@philipwigg.co.uk
> To: users@httpd.apache.org
> Subject: Re: [users@httpd] RE: Question about HTTPS without SSL???
>
> On 5 March 2010 08:00=2C Francisco Javier Morales L=F3pez de Gamarra
> wrote:
>>
>> Because ..... could I try to use a ErrorDocument or Redirect 302
>>
>> directive for inform that the page is not available and that try woth no=
ssl address?
>
> It's not possible because the SSL negotiation takes place before the
> HTTP request. So to send a page of HTML=2C or a 301 or 302 redirect then
> you'd already have to have completed the SSL negotiation and this
> means that the user will already have been warned if you don't have a
> valid SSL certificate.
>
> Turning SSLEngine too 'off' won't help either as a browser connecting
> to a https site is expecting SSL so you'll just get an error. There
> really is no way to avoid getting the browser warning if you don't
> have a valid cert=2C whilst still connecting with SSL.
>
> Cheers=2C
> Phil.
>
> ------------------------------------------------------------ ---------
> The official User-To-User support forum of the Apache HTTP Server Project=
..
> See for more info.
> To unsubscribe=2C e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands=2C e-mail: users-help@httpd.apache.org
> =20
____________________________________________________________ _____
Recibe en tu m=F3vil un SMS con tu Hotmail recibido. =A1Date de alta ya!
http://serviciosmoviles.es.msn.com/=

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

RE: RE: Question about HTTPS without SSL???

am 05.03.2010 10:04:03 von unknown

Sorry=2C forget my last email ... I have just undestand what you say.
=20
Thanks a lot

----------------------------------------
> Date: Fri=2C 5 Mar 2010 08:45:14 +0000
> From: phil@philipwigg.co.uk
> To: users@httpd.apache.org
> Subject: Re: [users@httpd] RE: Question about HTTPS without SSL???
>
> On 5 March 2010 08:00=2C Francisco Javier Morales L=F3pez de Gamarra
> wrote:
>>
>> Because ..... could I try to use a ErrorDocument or Redirect 302
>>
>> directive for inform that the page is not available and that try woth no=
ssl address?
>
> It's not possible because the SSL negotiation takes place before the
> HTTP request. So to send a page of HTML=2C or a 301 or 302 redirect then
> you'd already have to have completed the SSL negotiation and this
> means that the user will already have been warned if you don't have a
> valid SSL certificate.
>
> Turning SSLEngine too 'off' won't help either as a browser connecting
> to a https site is expecting SSL so you'll just get an error. There
> really is no way to avoid getting the browser warning if you don't
> have a valid cert=2C whilst still connecting with SSL.
>
> Cheers=2C
> Phil.
>
> ------------------------------------------------------------ ---------
> The official User-To-User support forum of the Apache HTTP Server Project=
..
> See for more info.
> To unsubscribe=2C e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands=2C e-mail: users-help@httpd.apache.org
> =20
____________________________________________________________ _____
Recibe en tu m=F3vil un SMS con tu Hotmail recibido. =A1Date de alta ya!
http://serviciosmoviles.es.msn.com/=

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org