Redirect without and SSL certificate

[Jeff Abrahamson]

Could you use letsencrypt to manage all those certs?

What you want can't work: the client makes an SSL request, you respond
(with a 301), the client detects that the interaction was not properly
authenticated, and so complains to the user.  It's out of your hands,
which is the whole point of SSL identity validation.

Jeff Abrahamson
+33 6 24 40 01 57
+44 7920 594 255

http://p27.eu/jeff/


On 18/07/18 17:10, Friscia, Michael wrote:
>
> We have a problem where we have a large number of vanity domain names
> that are redirected. For example we have surgery.yale.edu which
> redirects to medicine.yale.edu/surgery. This works fine until someone
> tries to request https://surgery.yale.edu. For administrative reasons,
> I cannot get a wildcard certificate to handle *.yale.edu and make this
> simple to solve.
>
>  
>
> My question is if there is any way to redirect a request listening on
> port 80 and 443 but bypass the SSL certificate warning so it will
> redirect? I would assume the order of operation with HTTPS is to first
> validate the certificate but I really want the 301 redirect to take
> place before the SSL cert is verified.
>
>  
>
> I’m open to ideas but we are limited in what we can actually do so as
> it stands the only solution we have is to request a certificate for
> each of the 600+ domains.
>
>  
>
> ___________________________________________
>
> Michael Friscia
>
> Office of Communications
>
> Yale School of Medicine
>
> (203) 737-7932 - office
>
> (203) 931-5381 - mobile
>
> http://web.yale.edu <http://web.yale.edu/>
>
>  
>
>
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx

-- 

Jeff Abrahamson
+33 6 24 40 01 57
+44 7920 594 255

http://p27.eu/jeff/

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20180718/8714e412/attachment-0001.html>