Ssl – Redirect Subdomain That is Not on SSL

apache-2.4httpsredirectsslsubdomain

I have a SSL certificate that is installed on the server that only covers the domain, not subdomains

All traffic is redirected using apache config file

When I set up the subdomain to redirect a subdomain you get the browser alerting you that the site isn't safe because the SSL doesn't match the domain. I want to catch the subdomain before it gets forced to HTTPS and redirect it to where I need it to go because once its forced to HTTPS it throws an error

My apache config

<VirtualHost *:80>
   ServerName aliahealthcare.com
   Redirect permanent / https://aliahealthcare.com/
</VirtualHost>
<VirtualHost *:443>
     //blah
</VirtualHost>

Best Answer

Thankfully, SSL doesn't work that way. Every new domain you go to will have a new DNS lookup and a new SSL handshake and the certificate will be verified each time. If you think about it, that's a really good thing for security! (Despite inconveniencing you in this situation)

Your best bet is to get a wildcard cert or use Subject Alternate Names.

Related Topic