0

I have apache2.2 on CentOS 6, having SSL enabled in configuration block. It serves the SSL pages for a host name first.defaultdomain.com (example) which is mapped to the default IP of the server. It is accessed via https://first.defaultdomain.com.

For the same default IP, I have multiple NameVirtualHost on port 80 (let's say there are two more hostnames, mapped to this IP, second.defaultdomain.com and third.defaultdomain.com).

If somebody mistypes the protocol part of the URL for second.defaultdomain.com, e.g. https_:_//second.defaultdomain.com, that person gets the SSL pages for first.defaultdomain.com and a warning about the certificate not matching the hostname (which is correct).

Is there a way to distinguish a request to https_://first.defaultdomain.com from https:_//second.defaultdomain.com (both hostnames mapped to same IP) ?

EDIT: I do not want to serve https for second.defaultdomain.com or third.defaultdomain.com, only first.defaultdomain.com.

regards, Gašper

Gasper
  • 11
  • 1
  • If you don't want that, then you'll need to have a separate IP address for the domains that shouldn't have SSL. – Jenny D Jan 14 '15 at 13:12
  • @JennyD thanks. I was hoping I it could be done without having a separate IP address. – Gasper Jan 14 '15 at 13:31

1 Answers1

0

If your certificate is only valid for first.defaultdomain.com then no. You will not be able to redirect your user from to http://second.defaultdomain.com as the browser won't even send the a GET request (and hence wont receive a redirect) if the certificate doesn't match the domain requested.

What you need is a certificate for second. and third.defaultdomain.com or use a wildcard certificate - but then you can also just serve the content of those domains via TLS - why redirect if you have a valid certificate and content for those FQDN?

r_3
  • 886
  • 5
  • 9