Preventing “invalid security certificate” (ssl_error_bad_cert_domain) when using a subdomain forwarded to a dynamic dns domain name

Tags: dynamic-dns, forwarding, ssl-certificate, subdomain

I've been looking around in Google and so far have not found a page that addresses my situation, which is weird because I'm sure it's been attempted thousands, if not millions, of times before.

I want to host development sites from my home for clients to test before we deploy them to whatever kind of hosting solution they want for production. Here is what I am using:

  • a dynamic dns service ($$ per year vs $$ per month for a fixed IP) – we'll call it foobar.dnsalias.net
  • the so-called "forwarding with masking" provided for free by my domain's registrar to forward specific subdomains to unique ports at the dynamic dns domain name – eg dev1.mydomain.com goes to foobar.dnsalias.net:8081, dev2.mydomain.com goes to foobar.dnsalias.net:8082, etc…
  • port forwarding on my router to forward each of the unique ports to its own IP on my private LAN – eg 8081 to 192.168.1.81, 8082 to 192.168.1.82, etc…
  • virtual interfaces with a range of IPs using ifcfg-eth0-range0
  • multiple Listen directives in httpd.conf for IP-based virtual hosts

All this has been working great, but now I want to use https for all of my subdomains, so I bought a wildcard certificate (believe it or not, the cert plus the dynamic dns works out to be anywhere from 36% to 41% cheaper than the monthly rate my ISP charges for one fixed IP), and I have installed it successfully using the appropriate SSLCertificate* directives in the VirtualHost tags.

The trouble is that the browser is complaining about an untrusted connection because despite the so-called "masking" it still realizes that it is being redirected through the dynamic dns domain.

    foobar.dnsalias.net:8081 uses an invalid security certificate.

    The certificate is only valid for the following names:
    *.mydomain.com , mydomain.com  

    (Error code: ssl_error_bad_cert_domain)

I thought I could use some mod_rewrite directives, but either I haven't found the correct combination of RewriteCond and RewriteRule patterns and flags, or I am misunderstanding what is going on with the "forwarding with masking".

    RewriteEngine on
    RewriteCond %{HTTP_HOST} foobar.dnsalias.net [NC]
    RewriteRule ^(.*) https://dev1.mydomain.com:8081/$1 [P]

Can someone explain how to make this work?

Best Answer

In short, this won't work.

Your dynamic DNS provider is responding with HTTP redirects from dev1.mydomain.com to the foobar.dnsalias.net:8081 address; this is the only way you can redirect based on the HTTP Host header and change the port number at the same time.

The only way I can think of is to CNAME whatever.mydomain.com to foobar.dnsalias.net and set up a reverse proxy to serve traffic from the proper dev server.

This way, when your client (Acme Incorporated) fires up https://acme.mydomain.com, DNS will resolve directly to your dynamic IP (via the CNAME) and your reverse proxy will see the Host header as "acme.mydomain.com". It can then go to dev2.mydomain.com to obtain the relevant content.
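As an added illustration of the CNAME-plus-reverse-proxy layout the answer describes (this is example configuration, not something from the question, the answer, or any project), here is one way to lay it out in Apache 2.4 with mod_ssl, mod_proxy and mod_proxy_http. The DNS line, the certificate paths, the client-to-LAN-address mapping and the 192.168.1.x backends are placeholders based on the question's own examples; adjust them to your setup. With this arrangement only port 443 is forwarded from the router to the proxy host, the browser only ever sees a *.mydomain.com name, and the per-port forwarding to foobar.dnsalias.net:808x is no longer involved in the HTTPS path at all.

```apache
# Added example configuration (not from the original question or answer).
# Assumes Apache 2.4 with mod_ssl, mod_proxy and mod_proxy_http loaded,
# and a router forward of external port 443 to this proxy host.
#
# DNS side (zone for mydomain.com), one record per client name; the
# wildcard certificate already covers every *.mydomain.com name:
#   acme.mydomain.com.  IN  CNAME  foobar.dnsalias.net.
#   dev1.mydomain.com.  IN  CNAME  foobar.dnsalias.net.

Listen 443 https

# Never act as a forward proxy; this host only relays to known backends.
ProxyRequests Off

# The first *:443 vhost is Apache's default for unmatched names, so make it
# a deliberate catch-all that refuses requests for names you never mapped,
# instead of silently serving the first client's site to them.
<VirtualHost *:443>
    ServerName  catchall.mydomain.com
    SSLEngine   on
    SSLCertificateFile      /etc/pki/tls/certs/wildcard.mydomain.com.crt
    SSLCertificateKeyFile   /etc/pki/tls/private/wildcard.mydomain.com.key
    SSLCertificateChainFile /etc/pki/tls/certs/wildcard.mydomain.com.ca-bundle
    <Location "/">
        Require all denied
    </Location>
</VirtualHost>

# One name-based vhost per client; the Host header selects the backend.
<VirtualHost *:443>
    ServerName  acme.mydomain.com
    SSLEngine   on
    SSLCertificateFile      /etc/pki/tls/certs/wildcard.mydomain.com.crt
    SSLCertificateKeyFile   /etc/pki/tls/private/wildcard.mydomain.com.key
    SSLCertificateChainFile /etc/pki/tls/certs/wildcard.mydomain.com.ca-bundle

    # Keep the client-facing Host header so the dev site (dev2's vhost in
    # the question's numbering) sees acme.mydomain.com, not the LAN address.
    ProxyPreserveHost On
    ProxyPass        "/" "http://192.168.1.82/"
    ProxyPassReverse "/" "http://192.168.1.82/"
</VirtualHost>

<VirtualHost *:443>
    ServerName  dev1.mydomain.com
    SSLEngine   on
    SSLCertificateFile      /etc/pki/tls/certs/wildcard.mydomain.com.crt
    SSLCertificateKeyFile   /etc/pki/tls/private/wildcard.mydomain.com.key
    SSLCertificateChainFile /etc/pki/tls/certs/wildcard.mydomain.com.ca-bundle

    ProxyPreserveHost On
    ProxyPass        "/" "http://192.168.1.81/"
    ProxyPassReverse "/" "http://192.168.1.81/"
</VirtualHost>
```

Two points worth checking once it is in place. First, `apachectl -S` lists which vhost is the default for *:443; the catch-all must appear there, otherwise an unmapped name lands on a real client's site. Second, the hop from the proxy to the 192.168.1.x backends is plain HTTP on the LAN; that is usually acceptable for development hosts, but if the backends ever move off the local network the ProxyPass targets should become https:// with `SSLProxyEngine On` and proper backend certificate checking.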
