0

I need to run a site over ssl. The domain is pointing to a certain shared IP of a hosting space. Let's pretend I don't have access to the DNS management.

-If the original request is https, Can I set up a redirect through the shared space to a new space with a dedicated IP and still run over https?

-Would I have to redirect https requests to http for the middle-man IP, and then back to https for the dedicated IP space?

Improve this question
2
  • 1
    It's not clear what you're trying to do. Would you be redirecting to an IP address or to a different domain/subdomain? Commented Jun 15, 2015 at 19:15
  • The A record/subdomain would point to the middleman IP (assume you can't change that), and that IP would redirect to another space on the same server, but with a dedicated IP and an SSL cert installed for that subdomain. Turns out this would be totally unnecessary, but I'm still kind of curious if you could do it Commented Jun 18, 2015 at 15:22

2 Answers 2

Reset to default
1

The best you could probably hope for would be if the host could set up a SAN certificate which included your domain in the list of domains it was issued for. Second best to that would be if they could install an SNI certificate which is compatible with an IP being shared but which isn't supported by every single browser, though most moderns ones do support (see http://caniuse.com/#search=sni).

If part of the path used HTTP (i.e. not one of the above solutions), then it would be at risk for being sniffed and compromised.

Improve this answer
2
  • OK, cool, thanks. SNI is the route we went. I did not know about that. I would upvote if I had the rep. Commented Jun 17, 2015 at 14:38
  • @DavidNoll Glad to hear. Even though you can't upvote, you can mark the answer as accepted by clicking the checkmark next to it - that will award reputation and also let others know at quick glance what worked for you. Commented Jun 17, 2015 at 17:08
0

Your question is very vague.

Sounds like you want to add a reverse proxy to proxy requests from the host, through the middle man to the the destination server.

Here is some documentation:

http://www.jamescoyle.net/how-to/116-simple-apache-reverse-proxy-example

Improve this answer
4
  • Yes, that's how I wanted to treat it. Imagine a subdomain that needs to run on https, pointing to a shared linux cPanel hosting server, with 1 IP and an SSL cert already in use. I guess it was kind of a stupid question because of SNI, but I didn't know about that. But if there were no SNI, could I just add a record in the middleman cPanel dns manager to send it to a space with a dedicated IP? Commented Jun 17, 2015 at 14:43
  • It is certainly capable of what you had in mind. Commented Jun 17, 2015 at 14:44
  • So, would the redirection through the middleman affect the https at all? Or would it only matter at the end point? Commented Jun 17, 2015 at 14:46
  • It does not matter to the end point. To your server it just looks like your proxy server is making all the requests. The true host ip is stored in the x forwarded for header. Commented Jun 17, 2015 at 15:20

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.