0

I have those subdomains:

link.domain.com
links.domain.com

I want to redirect the link.domain.com to links.domain.com. For this, I used the same method as described here : Redirect subdomain to subdomain Apache2 and it works.

I installed a TLS certificate for links.domain.com with Let's Encrypt and I can perfectly access links.domain.com in HTTPS. I would like the redirection from link.domain.com to links.domain.com to be also effective in HTTPS.

Here is my conf file:

<IfModule mod_ssl.c>
   <VirtualHost *:443>
      DocumentRoot /var/www/links/
      ServerName links.domain.com

      <Directory "/var/www/links/">
         Options Indexes MultiViews FollowSymLinks
         AllowOverride None
         Order deny,allow
         Allow from all
      </Directory>

      ErrorLog ${APACHE_LOG_DIR}/error_links.log
      CustomLog ${APACHE_LOG_DIR}/access_links.log combined 

      # Possible values include: debug, info, notice, warn, error, crit,
      # alert, emerg.
      LogLevel warn

      SSLCertificateFile /etc/letsencrypt/live/links.domain.com/fullchain.pem
      SSLCertificateKeyFile /etc/letsencrypt/live/links.domain.com/privkey.pem
      Include /etc/letsencrypt/options-ssl-apache.conf
   </VirtualHost>
</IfModule>

I already tried the following :

  • Adding

    ServerAlias link.domain.com RedirectMatch permanent ^link.domain.com/(.*)$ https://links.domain.com/$1

    after the ServerName links.domain.com line.

  • Adding

    <VirtualHost *:443> ServerName link.domain.com RedirectMatch permanent ^/(.*)$ https://links.domain.com/$1 </VirtualHost>

    before and after the already defined VirtualHost.

No one worked.

Do you have any idea ?

ÜberPosé
  • 3
  • 1
  • 4

1 Answers1

0

You need to have the SSL configuration in both VirtualHosts, and RedirectMatch isn't necessary. Try:

<IfModule mod_ssl.c>
   <VirtualHost *:443>
      ServerName link.example.com

      SSLCertificateFile /etc/letsencrypt/live/links.example.com/fullchain.pem
      SSLCertificateKeyFile /etc/letsencrypt/live/links.example.com/privkey.pem
      Include /etc/letsencrypt/options-ssl-apache.conf

      Redirect / https://links.example.com/
   </VirtualHost>
</IfModule>

Please notice that you will still get a NET::ERR_CERT_COMMON_NAME_INVALID TLS error if you don't also have link.example.com in the Subject Alternative Name of your certificate.

Esa Jokinen
  • 46,944
  • 3
  • 83
  • 129
  • Should I set this VirtualHost before or after the one I already have ? Or in another file ? – ÜberPosé May 09 '17 at 15:20
  • The order doesn't matter for other `VirtualHost`s than the one you would like to have as the _default_. Whether you want to have it on the same file or another in `sites-available/` depends on your naming convention. I usually add separated files only for _canonical_ server names i.e. one file per site, and have all redirects in the same file. Separated files are useful when you want to be able to separately enable / disable the `VirtualHost` with `a2ensite`/ `a2dissite`. – Esa Jokinen May 09 '17 at 15:28