Redirect all HTTPS requests to HTTP temporary in Apache on Ubuntu Server

Question

My site was hosted in an hosted provider which had enabled certificates so the website in the google results is appearing with the https:// in the beginning.

Since, yesterday I have setup my site in a VM (Ubuntu Server 16.04 with Apache2) which currently don't have any enabled certificate for the domain. The .conf file is like :

<VirtualHost *:80>

        ServerAdmin  myemail@example.com
        ServerName example.com
        ServerAlias www.example.com
        DocumentRoot /var/www/html/mysite

        ErrorLog ${APACHE_LOG_DIR}/mysite-error.log
        CustomLog ${APACHE_LOG_DIR}/mysite-access.log combined

</VirtualHost>

Is possible to edit the .conf. Is it possible to redirect all the traffic from https to http?

I don't understand the reason of down-voting.. – yaylitzis Jan 28 '18 at 14:39 — yaylitzis, Jan 28 '18 at 14:39

score 2 · Accepted Answer · answered Jan 27 '18 at 09:49

2

You would need a HTTPS VirtualHost to handle HTTPS requests and redirect them to HTTP. However, this VirtualHost would still need valid certificates to work correctly as the redirect happens after the SSL negotiation, so it's better consider creating new certificates using LetsEncrypt as it doesn't only provide increased security but improves search ranking.

answered Jan 27 '18 at 09:49

Simon Greenwood

1,363
9
12

My problem is that I don't know to install letsEncrypt due to an error I get while I trying to install the certificate `Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA.` – yaylitzis Jan 27 '18 at 09:50
That's another question, but you would need to look at the challenge you are using and configure your system to work with it. – Simon Greenwood Jan 27 '18 at 10:14

score 0 · Answer 2 · answered Jan 27 '18 at 11:53

Not using SSL these days is not a good idea. Plus there is no way to make your clients not run into an invalid cert before they get redirected. You cannot avoid the browser warning this way at all.

You could use letsencrypt with certbot-auto to generate your own valid server certificates.

See here: https://letsencrypt.org/getting-started/

It is really easy to install and use. The browsers will accept it as valid.

Redirect all HTTPS requests to HTTP temporary in Apache on Ubuntu Server

2 Answers2