We just switched domain names from www.olddomain.com to www.newdomain.com. We have a number of short cuts on desktops to https://wwww.example.com.
I have setup Rewrite rules in both vhosts and the SSL vhost that if the domain is not www.newdomain.com to redirect to www.newdomain.com.
The VirtualHost rewrite works flawlessly for non SSL requests. However, on the SSL pages users are given an invalid security certificate exception. The Rewrite rule seems to not take affect before this point. However, if they add an exception the Rewrite rule kicks in immediately and takes them to www.newdomain.com.
It appears the Certificate exception is happening before the Redirect, which makes sense. Here is the SSL Virtual host redirect. The non SSL one is nearly identical.
<VirtualHost _default_:443>
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\.newdomain\.com$ [NC]
RewriteRule ^ https://www.newdomain.com%{REQUEST_URI} [R=301,L]
....
<VirtualHost>
I have read that HTTP_HOST is not a valid variable in SSL, but even removing that condition and having all requests redirected still produces the exception.
Is there anything we can do to have the redirect to the new domain, with the valid SSL certificate and subdomain/domain combo, before a browser certificate exception is displayed?
Best Answer
Given that the rewrite/redirect doesn't happen until after the user has made a request, it makes perfect sense that HTTPS requests to a site with the wrong SSL certificate provoke a browser warning.
The correct way to handle this is to have two separate SSL vhosts, on separate IPs, each configured with their own SSL certificate. Then, in the olddomain vhost, setup your redirects as you want them.