0

I am trying the following. I have a domain where I publish. This publication is only by http, but I need all requests by https to redirect me to http since I do not have ssl certificate installed and configured for this.

I have tried to add in the .htaccess file of the documentroot where I have the application the following lines:

RewriteEngine On RewriteCond% {HTTPS} on RewriteRule (. *) Http: //% {HTTP_HOST}% {REQUEST_URI} [R = 301, L]

But this does not make me that anything that enters through https redirects me to http. What would I be missing?

Best regards.

Edit:

OK.

Perfect now I think I understand it a little better. To redirect https to http, you must have an ssl certificate generated and stored on the apache server.

As a test, I created a self-signed certificate using the openssl tool

openssl req -x509 -nodes -days 365 -newkey rsa: 204 .....

I have generated it correctly.

The next step has been enabled the default-ssl.cnf site in which I add the paths of the ssl certificate data generated previously.

In this step, what action do I have to do to enable that redirection from https to http for my instance of wordpress for example.

Here is my default-ssl.conf file

<IfModule mod_ssl.c> <VirtualHost *: 443> ServerName www.mydomain.org ServerAdmin webmaster @ localhost DocumentRoot / var / www / html/wordpress <Directory /> FollowSymLinks options AllowOverride None </Directory> <Directory / var / www / html /> Options -Indexes + FollowSymLinks + MultiViews Allow to cancel all </Directory> ErrorLog $ {APACHE_LOG_DIR} /error.log Record Level Warning CustomLog $ {APACHE_LOG_DIR} /ssl_access.log combined SSLEngine on SSLCertificateKeyFile /etc/apache2/sslcert/apache.key SSLCertificateFile /etc/apache2/sslcert/apache.crt #SSLCACertificateFile /etc/ssl/certs/bundle.crt BrowserMatch "MSIE [2-6]" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 # MSIE 7 and later versions should be able to use keepalive BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown </VirtualHost> </IfModule>

Regards

Improve this question
3
  • 3
    If you don't have an SSL certificate a redirect won't work. People would have to accept an invalid certificate before they get redirected. nobody will do that. Commented Aug 8, 2019 at 8:08
  • 2
    Apart from that your .htaccess files is full of syntax errors (spaces in the wrong place). you should get a 500 error with this. Commented Aug 8, 2019 at 8:11
  • Just get a free SSL certificate from e.g. letsencrypt.org instead. It'll save you a lot of hassle down the line. Commented Aug 12, 2019 at 13:06

1 Answer 1

Reset to default
1

This cannot work without an ssl certificate. Here's why:

When the browser connects to the server the security layer validates the connection (including the name(s) on the certificate with the name the browser is requesting) before the browser send the HTTP request (eg: GET / HTTP1/1).

The HTTP dialog is the same for both http and https, but the encryption is negotiated before it starts.

For HTTP 1.1 all requests should also havea Host: header specifiyng which host the request is for, Apache will calculate the full URI from the combination of the Host: header and the URI in the request.

If you can't start the HTTP conversation you can't get a request so you can't respond to it in any way.

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.