At Wed, 19 May 2010 17:02:31 -0400 CentOS mailing list <centos at centos.org> wrote: > > On 05/19/2010 04:08 PM, Ski Dawg wrote: > > The problem I am running into is if they go to https://domainname.com > > (straight to the secure site), I am not able to find a solution that > > will redirect them to https://www.domainname.com, so that the ssl > > certificate matches and they won't get the "This connection is > > untrusted" warning. > > > > Is there something obvious that I am missing? Is there a better way to > > ensure that everyone will always end up with the www in the url, so > > the certificate always matches? > > The problem you are running into is that SSL sessions are negotiated > prior to the browser sending the virtual host name, so there is no > opportunity to redirect the client to the www URL before it's too late. > Aside from purchasing a second SSL certificate for the plain domain > name or getting a wildcard certificate to cover both, I would just make > sure the links on your web site to the secure version of the domain > specify the www in the URL. Also: don't 'advertise' the https:// URL at all. Visitors should always go to you non-SSL site first. > > -Zack > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos > > -- Robert Heller -- Get the Deepwoods Software FireFox Toolbar! Deepwoods Software -- Linux Installation and Administration http://www.deepsoft.com/ -- Web Hosting, with CGI and Database heller at deepsoft.com -- Contract Programming: C/C++, Tcl/Tk