Topic: Disabled HTTPS To Domains Without Certificate SSL?

[finenotes]

Hi,

I have ONE VPS with Single IP and 1 am running 3 website from that server.

I configured ssl on site1 and site2, these sites are working fine.

site3 is running running without ssl but when i go https://site3, i got on https://site1.com page.

can I stop this, i want to it show 'there is no https for this site' or automatic redirect to the http version of site3.

[glsmith]

This is kind of a dilemma because like regular http vhosts, the first one configured is the default. For instance, if you go to http://your-ip-address you should get whichever site is your first vhost. Https is the same way, first one configured is the one that will be served when the hostname doesn't match any of the configured ones.

Another problem is that with https, the initial browser<->server communications deal with agreeing on a cipher and opening a secure connection before anything so if there is no valid cert for the hostname, the browser will warn about the site not being trusted and try to discourage the user from continuing on. If the user decides to continue, at this point is when any rewrite can finally kick in.

The best way to deal with this is to configure the https vhost and get a trusted CA signed cert for that site as anything else will not be seamless. You still have the other possibilities but the user will be warned.