0

I have an autoscaling application, which uses an ELB to terminate SSL, and forward 443 requests to http 80 on the instances.

This works fine, except that if I do a redirect within apache, it implicitly uses http rather than https.

for example, I have the following rewrite rule...

RewriteRule    ^/v10/(.*) /v11/$1 [R]

If I do the following...

curl -v "https://[mydomain.com]/v10/somescript.js"

I get a 302 response like this...

Location: http://[mydomain.com]/v11/somescript.js

... which then breaks my application, as the browser won't load the script via http.

Of course this makes sense, since as far as apache is concerned, it is http. However aside from re-writing all my redirect rules, I'm wondering if there is some way to convince apache to implicitly generate https redirects, even though it isn't terminating the SSL?

user1751825
  • 4,029
  • 1
  • 28
  • 58
  • You need to set up your rewrite rules to be based on the `X-Forwarded-Proto` header, as per this [previous answer](http://stackoverflow.com/a/17195255/297696). – wkl Dec 22 '16 at 01:56
  • Thanks @birryree, I was hoping that there might be some setting that could be used within the vhost, as this particular vhost will always handle https requests, but that's ok, I'll just modify all my rewrites. – user1751825 Dec 22 '16 at 02:54

0 Answers0