mod_rewrite to force SSL to a different port

Forum Moderators: phranque

Message Too Old, No Replies

mod_rewrite to force SSL to a different port

1 IP and multiple SSL vhosts

jshaikh

1:42 am on Apr 30, 2004 (gmt 0)

I have 1 IP address and I'm attempting to install multiple SSL Certs using different ports. I have 2 certs currently installed and working.

[domain1.tld:443...]
[domain2.tld:444...]

Both domains work in port 80 and 443 (domain1) and 444 (domain2). [domain1.tld...] works in https without specifying the port number, 443. [domain2.tld...] will only work when the port 444 is specified.

Question: Is there a way, using mod_write, to force SSL requests using www.domain2.tld to port 444?
The goal is to not require the port number in the URL.

This is what I have tried so far:

RewriteCond %{HTTP_HOST} ^www.domain1.tld [NC]
RewriteCond %{SERVER_PORT} ^443$
RewriteRule ^(.*)$ https://www.domain2.tld:444/$1 [R,L]

jdMorgan

2:18 pm on May 17, 2004 (gmt 0)

jshaikh,

Welcome to WebmasterWorld [webmasterworld.com]!

Sorry I missed your post. I don't have an answer for you, but maybe someone here has done this before...

Has anyone here done this that can help out?
<bump>

Jim

john_k

2:34 pm on May 17, 2004 (gmt 0)

Before the browser will submit the request via SSL, it will need to obtain the security certificate. When it tries to get the certificate for domain2, you will wind up with a certificate mis-match. That will cause the browser to display the SSL certificate warning stating that the certificate is issued to "domain1" but you are trying to access "domain2."

That's my theory anyway :)

gergoe

4:38 pm on May 17, 2004 (gmt 0)

The port number is not significant during the ssl negotiation. The main problem is that name based virtual hosting with ssl certificates is not possible, only with ip or port based virtual hosting. The only thing you can do is to obtain an additional ip address for your apache box. Or you will use only one certificate and you'll make the virtual hosting on directory level, i.e. [host.com...] and [host.com...]