I'm working with a small team, and we currently have two servers, one for release builds, and the other for development. We have a wildcard SSL certificate so we can cover multiple subdomains. I setup the release and development branches on the respective servers, and we originally only had the SSL setup on the live server while the dev builds were standard HTTP. We would now like to be able to setup an SSL build on the dev server to give us a truer testing environment, but we're having the current issue.
I have the live server setup to catch all subdomains since we will be selling our service to different organizations, and we would like to give them the opportunity to append to the URL. The problem happens when I try to setup a Virtual host on the dev server for one specific URL. While the login page that is loaded is on the dev server, logging in either kicks you off of SSL, or it re-directs you to the live server (probably because of a re-write rule I have on live server to prevent you from being kicked off of https). Here are the two config files I have at the moment.
Live Server
<VirtualHost *:80>
ServerName *.fileblimp.com
RewriteEngine on
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L]
<IfModule pagespeed_module>
ModPagespeed Off
</IfModule>
</VirtualHost>
<VirtualHost *:443>
ServerName *.fileblimp.com
ServerAlias *
ServerAdmin webmaster@localhost
DocumentRoot /var/www/files
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
<IfModule pagespeed_module>
ModPagespeed Off
</IfModule>
<IfModule mod_php5.c>
php_value include_path ".:/usr/local/lib/php:/wwwfiles/sta$
</IfModule>
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/certs/cert.crt
SSLCertificateKeyFile /etc/apache2/ssl/private/fileblimp.com.key
SSLCertificateChainFile /etc/apache2/ssl/certs/gd_bundle.crt
</VirtualHost>
Dev Server
<VirtualHost *:443>
ServerName development.fileblimp.com
ServerAdmin webmaster@localhost
DocumentRoot /var/dev/www/files
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
<IfModule pagespeed_module>
ModPagespeed Off
</IfModule>
<IfModule mod_php5.c>
php_value include_path ".:/usr/local/lib/php:/wwwfiles/sta$
</IfModule>
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/certs/cert.crt
SSLCertificateKeyFile /etc/apache2/ssl/private/fileblimp.com.key
SSLCertificateChainFile /etc/apache2/ssl/certs/gd_bundle.crt
</VirtualHost>
Thank you in advance for the help, I truly appreciate it.
Best Answer
Safado correctly points out that there seems to be a configuration error in the application on the live server, that's causing it to bounce users from HTTPS back to HTTP. I wouldn't be surprised if there's an HTTP URL, like
http://www.fileblimp.com
, somewhere in the application configuration. If you fix that, you'll probably fix your problem.Otherwise, on the live server the redirect in the first virtual host from HTTP back to HTTPS seems to work around the problem. But that virtual host doesn't seem to be present on the dev server. Is that deliberate, or did you leave it out of your question by mistake? That's where the redirect from HTTP to HTTPS is, so it would seem that if you added it to the dev server, the workaround would work there too.
BTW on the live server you could simplify the first virtual host a bit by leaving out
RewriteCond %{SERVER_PORT} !^443$
. That's not needed, since the server in<VirtualHost *:80>
is known to be listening on port 80.In development, the corresponding virtual host can simplify even further to just