Hi All,

I have a site that receives quite a lot of links from external sites. Some of these links have mistakenly linked to a HTTPS version of the site which has then had some pages indexed. I have a virtual server configured to handle all traffic on port 443.

The issue is the site does not need SSL, there is nothing needing the security.

I have written a rewrite rule which catches all port 443 traffic and redirects it to the http server. However modern browsers still complain about self-signed certificate before the redirect takes place, and this problem is precisely what I am trying to avoid.

The site is for a charity so paying out to externally sign a certificate isnt really an option considering we don't need SSL so can't justify the money. I have now created a robots.txt file which will hopefully prevent any further indexing of https version of the site, but unfortunately the damage has been done already.

Is there a way I can redirect all https traffic received by this virtual server to the standard port 80 server which takes place before the certificate is examined? I'm kind of guessing the answer is no, but I live in hope. If anyone knows of anyway around this issue I'd be grateful to hear from you.

Karl

Should do for https to http
Quote:RewriteEngine On
RewriteCond %{SERVER_PORT} !^80$
RewriteRule ^.*$ http://%{SERVER_NAME}%{REQUEST_URI} [L,R]

But keep in mind, that anyway all users will get the cert warning if it does not fit a known CA, or it is invalid, or it does not fit the hostname etc. anyway. Only _after_ establishing the ssl conn the rewrite request will be processed.

Also this config needs to be done for every user (afaik you can not set those rewrite rules for all vhosts from a global base?!)