Databases
StackOverflow2013
Postsdbo
POISAPI rewrite - "Redirecting non-www version to www" rule with SSL
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POISAPI rewrite - "Redirecting non-www version to www" rule with SSL
    text
    copied!<p>I'm using a tool called : ISAPI Rewrite 3 Lite from Helicon Tech (an "apache .htaccess mod_rewrite compatible module for IIS"). </p> <p>I've applied the "Redirecting non-www version to www" rule (from : <a href="http://www.helicontech.com/isapi_rewrite/doc/examples.htm#hotlinking" rel="nofollow">http://www.helicontech.com/isapi_rewrite/doc/examples.htm#hotlinking</a> ). i.e. : </p> <pre><code>RewriteEngine on RewriteCond %{HTTPS} (on)? RewriteCond %{HTTP:Host} ^(?!www\.)(.+)$ [NC] RewriteCond %{REQUEST_URI} (.+) RewriteRule .? http(?%1s)://www.%2%3 [R=301,L] </code></pre> <p>This works ok, but I have a slight problem with browser warnings when used with SSL. Say I want a url request like : <a href="https://MyDomain.com/abc/login.aspx" rel="nofollow">https://MyDomain.com/abc/login.aspx</a> to be re-directed to : <a href="https://www.MyDomain.com/abc/login.aspx" rel="nofollow">https://www.MyDomain.com/abc/login.aspx</a> The browser will show a warning like : "The security certificate presented by this website was issued for a different website's address." This makes sense because our SSL certificate only works for "www.MyDomain.com" (and not "MyDomain.com"). If you click "Continue to this website ?" it redirects fine to the required url, and all is well.</p> <p>My question : is there something that can be done to make the browser SSL certificate warning NOT come up ? (Preferably without having to change the SSL certificate). </p> <p>Thanks.</p> <p><strong>EDIT :</strong></p> <p>I was hoping that there was some way to get ISAPI Rewrite to change the url, so that IIS does not "see" the request to : "MyDomain.com", and only sees the altered request to : "www.MyDomain.com" (so that the SSL certificate warning would not occur). I thought it might have been a timing issue of sorts. But it looks like the timing of events is fixed, so that IIS will always check the SSL certificate in the context of the original request ? Can anyone confirm this ?</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload