0

With reference to this question How to do a 301 redirect from http to https in a domino server? My redirects are failing.

(gaps between protocol and : are because i dont have the rep to post multiple links)

  • http ://example.com
  • https ://example.com
  • http ://www.example.com
  • http ://www.example.com/old-page

All urls above should 301 redirect to https://www.example.com

  • Incoming URL pattern: /*
  • Redirect to this URL: https ://www.example.com/*

and

  • Incoming URL pattern: /old-page
  • Redirect to this URL: https ://www.example.com/*

I have redirect TCP to SSL set to yes on the website doc. And I have the IP address, example.com and www.example.com entered in "Host names or addresses mapped to this site" on the website doc.

But when I have the rule as suggested in the question linked above I get into a loop with all urls.

I did have 2 site docs for www and non www redirecting fine but since implementing SSL these are ignored.

Community
  • 1
Mark
  • 1

1 Answers1

1

I think the problem is that in order for SSL to work in Domino for multiple host names you need multiple IP addresses - see my answer to a question on that topic here: https://serverfault.com/a/375106/108199

Let's say we start with example.com. What happens is: http://example.com redirects to https://www.example.com (as expected because Domino can see the host name in the request). When Domino then processes the encrypted https://www.example.com it doesn't know what internet site doc to use other than the one containing the IP address of the request. That internet site doc is set to redirect which Domino then does - and that kicks of the loop.

Community
  • 1
Per Henrik Lausten
  • 535
  • 2
  • 12
  • OK let me step back a bit. I removed the domains from the "Host names or addresses mapped to this site" section so the only thing entered here is the server IP address. Added the rule Incoming URL pattern: /* Redirect to this URL: https://www.example.com/* which results in a loop!! – Mark Nov 12 '14 at 16:27
  • Well, yes since all requests now go to that internet site doc which redirects to itself. Right? – Per Henrik Lausten Nov 12 '14 at 18:02
  • Yes, that was my understanding. However the post http://serverfault.com/questions/463976/how-to-do-a-301-redirect-from-http-to-https-in-a-domino-server suggested that the redirect rule would fix the ssl redirect to become a 301 instead of a 302 (which was my first goal before getting into non www and www.) - Does this mean that the answer in the other post is not correct? How can we perform a https 301 redirect? Thanks for your help Per. – Mark Nov 13 '14 at 09:31
  • The answer might be correct. Since you want to redirect from https to https you need two IP addresses (and thereby two internet site docs - one for each IP address) if Domino should be able to distinguish between the two. That's my understanding of Domino and the version of SSL that it uses – Per Henrik Lausten Nov 13 '14 at 10:08