At Wed, 19 May 2010 15:21:06 -0600 CentOS mailing list <centos at centos.org> wrote: > > On Wed, May 19, 2010 at 2:33 PM, Robert Heller <heller at deepsoft.com> wrote: > > At Wed, 19 May 2010 14:08:59 -0600 CentOS mailing list <centos at centos.org> wrote: > >> <VirtualHost xxx.xxx.xxx.xxx:80> > >> Â Â ServerName domainname.com > >> Â Â Redirect permanent / http://www.domainname.com/ > >> </VirtualHost> > > > > You don't really need this -- you can just add the line below to your existing > > <VirtualHost> spec for www.domainname.com > > > > ServerAlias domainname.com > > This doesn't work. This is what we had before. When you just add the > ServerAlias domainname.com to the VirtualHost configuration, when the > user goes to http://domainname.com, it stays on http://domainname.com, > and does not redirect to http://www.domainname.com. We need to have it > go to http://www.domainname.com so that when they click a link on out > site that then takes them to https://www.domainname.com so that it > matches the SSL certificate. The https: URL should be an absolute, fully qualified URL and *explicitly* have the www.domainname.com hostname. It should NOT be a relative URL or any other games, including PHP/Perl/etc/ code that (blindly) uses the SERVER_NAME environment variable -- that is the code should either have the proper URL hard-wired OR should programatically check SERVER_NAME for the presense of the 'www.' in the front (eg if NOT regexp '^www.' SERVER_NAME then prepend 'www.' onto SERVER_NAME). It should not matter what name is being used to access the non-SSL side of the side. > > >> I tried using the same thing as above, but changing the port number to > >> 443, and the http to https on the redirect line, but that actually > >> breaks the site, and only displays an error: > >> Secure Connection Failed > >> (Error code: ssl_error_rx_record_too_long) > > > > Probably because the VirtualHost for domainname.com:443 does not include > > the SSL cert info. Â You can try including a ServerAlias line to your > > VirtualHost:443 container for www.domainname.com. > > That is already done, and still is giving us the SSL error, when > trying to do a redirect. > > > The only other thought would be look at your DNS record(s) for > > domainname.com and make sure those records are 'sane' (in terms of which > > name has the IP address and which is a CNAME record). > > I believe this is correct, but I will double check that. Thanks for > the suggestion. -- Robert Heller -- Get the Deepwoods Software FireFox Toolbar! Deepwoods Software -- Linux Installation and Administration http://www.deepsoft.com/ -- Web Hosting, with CGI and Database heller at deepsoft.com -- Contract Programming: C/C++, Tcl/Tk