Question

https:// redirect to http:// without having to accept self signed cert

Posted February 17, 2015 5.1k views

How can I get around the need to have users accept my self signed certificate and just direct all users that hit https://site.com to http://site.com. Have tried everything I can find on DO…

Ubuntu WordPress on Ubuntu 14.04

Thank you,

Add a comment
JCWIEN
By:
JCWIEN
Add a comment
1 comment
  • gohwm September 3, 2015
    Reply Report

    i encountered same problem..
    We have 2 domains, one of them has ssl.
    what i wish to do is redirect https from the one which we don’t have ssl to the one which we have.

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
2 answers
gparent February 17, 2015

You can’t.

Reply Report
JCWIEN February 17, 2015

Is there anything I can do? I see plenty of other sites that redirect to http when https is entered. How do they accomplish that? I do not need https, http is just fine…

Reply Report
  • gparent February 17, 2015

    Why are you even trying to do this? It makes no sense to perform a HTTPS to HTTP redirection. It seems like you may not understand what HTTPS is about.

    Reply Report
  • JCWIEN February 17, 2015

    Thank you, I fully understand what https is about. We are not using ssl and don’t have a need for it. But we do need to cover our basis for the edge case someone accidentally verbosely enters https:// and have it do something more elegant than tell the user that this site isn’t secure. I just want it to silently redirect to the http:// version. I really don’t see what the issue is and why that is so odd.

    Reply Report
  • gparent February 18, 2015

    The reason it’s odd is because the requirements for setting the redirect are the same as for just setting up SSL in the first place. So once you’re done, there’s literally no reason to do the redirect anymore, because users could just naturally use SSL when browsing your site instead.

    If you don’t want users to be told the site isn’t secure, I suggest closing off port 443 (with a REJECT response rather than DROP) so that users aren’t mislead into believing the site is secure, and don’t have to see that annoying pop-up.

    Otherwise, like I said - you can’t do this with your current requirements.

    Reply Report
Submit an Answer

Looking for something else?

Ask a new question Search for more help