How to redirect all SSL traffic?
Igor Sysoev
is at rambler-co.ru
Mon Nov 9 13:43:01 MSK 2009
On Mon, Nov 09, 2009 at 05:34:11PM +0700, Glen Lumanau wrote:
> So I can't use such a configuration
>
> server {
> listen 443;
> rewrite (^.*) https://www.mydomain.com$1 permanent; }
>
> ?
The following configuration should work:
server {
listen 192.168.1.1:443;
server_name mydomain.com;
ssl on;
ssl_certificate /path/to/wildcard.certifcate;
...
}
server {
listen 192.168.1.1:443;
server_name *.mydomain.com;
ssl on;
ssl_certificate /path/to/wildcard.certifcate;
rewrite ^ https://www.mydomain.com$request_uri? permanent; }
}
Please note, that you should use the same wildcard certifcate in both
servers.
> -----Original Message-----
> From: owner-nginx at sysoev.ru [mailto:owner-nginx at sysoev.ru] On Behalf Of Igor
> Sysoev
> Sent: 09 Nopember 2009 17:30
> To: nginx at sysoev.ru
> Subject: Re: How to redirect all SSL traffic?
>
> On Mon, Nov 09, 2009 at 10:23:33AM +0000, Glen Lumanau wrote:
>
> > My question is,
> >
> > Is that posibble to redirect all the traffic to www?
>
> With the "*.mydomain.com" certificate the answer is YES.
>
> >
> > Best Regards,
> >
> > Glen Lumanau
> >
> >
> > -----Original Message-----
> > From: Maxim Dounin <mdounin at mdounin.ru>
> > Date: Mon, 9 Nov 2009 13:17:43
> > To: <nginx at sysoev.ru>
> > Subject: Re: How to redirect all SSL traffic?
> >
> > Hello!
> >
> > On Mon, Nov 09, 2009 at 08:11:23AM +0000, Glen Lumanau wrote:
> >
> > > Yes I have a valid ssl for www.mydomain.com. I don't have a license for
> mydomain.com
> > >
> > > That's why I want to redirect all traffic goes to mydomain.com to
> www.mydomain.com
> >
> > As long as you have no valid cert for mydomain.com - you can't
> > handle requests in this domain without warnings from browsers. No
> > way.
> >
> > Maxim Dounin
> >
> >
> > >
> > >
> > > Best Regards,
> > >
> > > Glen Lumanau
> > >
> > >
> > > -----Original Message-----
> > > From: Igor Sysoev <is at rambler-co.ru>
> > > Date: Mon, 9 Nov 2009 10:57:18
> > > To: <nginx at sysoev.ru>
> > > Subject: Re: How to redirect all SSL traffic?
> > >
> > > On Mon, Nov 09, 2009 at 08:49:56AM +0700, Glen Lumanau wrote:
> > >
> > > > I tried this, but still doesn't works
> > >
> > > What do you mean by "doesn't work" ? Browser shows a warning about
> invalid
> > > certificate ? In this case you need two certificates: for
> "www.domain.com"
> > > and "mydomain.com" and you should configure servers on different IP
> addreses.
> > > Or you can use a certificate with two Subject Alternate Names for
> > > "domain.com" and "www.domain.com". Then you may use the certificate in
> > > both server with single IP address.
> > >
> > > > -----Original Message-----
> > > > From: Alex Hunsaker [mailto:badalex at gmail.com]
> > > > Sent: 09 Nopember 2009 5:11
> > > > To: glen at lumanau.web.id
> > > > Cc: nginx at sysoev.ru
> > > > Subject: Re: How to redirect all SSL traffic?
> > > >
> > > > On Sun, Nov 8, 2009 at 03:31, Glen Lumanau <glen at lumanau.web.id>
> wrote:
> > > >
> > > > [ please keep the mailing list cc'ed ]
> > > >
> > > > > Try port 80...
> > > >
> > > > >> On port 80 is sucessfull. Is there any way to do that on port 443?
> > > >
> > > > Ahh ok so you want http://mydomain.com and https://mydomain.com to go
> > > > to https://www.mydomain.com.
> > > >
> > > > Sure something like:
> > > > server {
> > > > listen 80;
> > > > rewrite (^.*) https://www.mydomain.com$1 permanent;
> > > > }
> > > >
> > > > # config for https://www.mydomain.com
> > > > server {
> > > > listen 443;
> > > > ...
> > > > if ($host !~ www\.mydomain\.com) {
> > > > rewrite ^(.*) https://www.mydomain.com$1 permanent;
> > > > }
> > > >
> > > > }
> > > >
> > >
> > > --
> > > Igor Sysoev
> > > http://sysoev.ru/en/
> > >
> >
>
> --
> Igor Sysoev
> http://sysoev.ru/en/
>
--
Igor Sysoev
http://sysoev.ru/en/
More information about the nginx
mailing list