Like the subject says I need to rewrite https://domain.com
=> https://www.domain.com
. But I have a wildcard SSL setup for the domain and the root domain does not match *.domain.com, thus the browser brings up an error
domain.com uses an invalid security
certificate.The certificate is only valid for
*.domain.com
This is my current vhost config
<VirtualHost 127.0.0.1:443>
ServerAdmin user@domain.com
DocumentRoot /usr/local/app/domain/webapps/www
JkMount /* somestuff
ServerName domain. com
ServerAlias www.domain.com
ErrorLog logs/domain.com-error_log
CustomLog logs/domain.com-access_log combined
Customlog logs/domain.com-deflate_log deflate
RewriteEngine on
RewriteCond %{HTTP_HOST} ^domain\.com [NC]
RewriteRule ^/?(.*) https://www.domain.com/$1 [L,R,NE]
SSLEngine on
SSLCertificateFile /etc/httpd/conf/ssl.crt/x.domain.com.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/x.domain.com.key
</VirtualHost>
I was hoping that the RewriteEngine would kick in before the SSL is loaded but doesn't work. Is this solvable without getting a new cert that is just for the root domain ?
Best Answer
Unfortunately the name that the client is talking to is checked against the certificate by the client, not the server. As far as the client is concerned it is talking to domain.com not <something>.domain.com - it will be unaware of any URL rewriting that is being done at the server end.
So you will need an extra certificate for the other name to avoid certificate errors.