Apache – Redirect Domain with Expired SSL Certificate to New Domain

301-redirectapache-2.2redirect

So in the past I used https://example.com. Then decided that I wanted to use https://myotherexample.com instead of example.com. So I setup the server, pointed DNS at that server and everything was great. Now I wanted to redirect https://example.com to https://myotherexample.com so people with the old address would continue on to the new site. This works fine for redirecting port 80 to the new domain, however when trying to redirect port 443 (the ssl port) apache seems to require there be a valid SSL certificate for the old domain (even though I'm no longer serving a secure version of the site at that address). My SSL cert for the old domain has expired, and since there isn't anything there to protect, I'm left wondering, how do I go about doing this kind of redirect?

example.com config:

▽
<VirtualHost *:80>


        ServerAdmin webmaster@localhost
        DocumentRoot /sites/example.com/html
        ServerName example.com
        ServerAlias www.example.com
        Redirect / https://myotherexample.com/


        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

And the SSL version that I need to redirect to the new domain:

<VirtualHost *:443>
        # The ServerName directive sets the request scheme, hostname and port that
        # the server uses to identify itself. This is used when creating
        # redirection URLs. In the context of virtual hosts, the ServerName
        # specifies what hostname must appear in the request's Host: header to
        # match this virtual host. For the default virtual host (this file) this
        # value is not decisive as it is used as a last resort host regardless.
        # However, you must set it for any further virtual host explicitly.
        #ServerName www.example.com

        ServerAdmin webmaster@localhost
        DocumentRoot /sites/example.com/html
        ServerName example.com
        ServerAlias www.example.com
        Redirect / https://myotherexample.com/

        <Directory /sites/example.com/html>
                Options FollowSymlinks
                AllowOverride All
                Require all granted
        </Directory>

        SSLEngine on
        SSLCertificateKeyFile /etc/apache2/ssl/example.com.key
        # this ssl is expired now
        SSLCertificateFile /etc/apache2/ssl/example.com.crt
        SSLCertificateChainFile /etc/apache2/ssl/example.com.IntermediateCA.crt

</VirtualHost>

I'm obviously going about this the wrong way, but is there a way to redirect an SSL domain (the https version of the domain) to a new domain using apache, without needing to keep an active ssl cert on the old domain? Thanks so much!

Best Answer

This is the behaviour you would expect. Imagine if somebody hijacked your DNS and set up a 301 redirect. You can use https://letsencrypt.org/ for a free cert and redirect clients until the old domain is no longer accessed.

Related Topic