Problem on URL redirection


#1

Hello everyone,

I want to redirect following domains but I am getting security alert on it the HTTPS one.

cc.com ---->  cc.com//connections?currency=EUR                      [WORKS]
http://cc.com ----> http://cc.com//connections?currency=EUR     [WORKS]
https://cc.com ----> https://cc.com//connections?currency=EUR      [WORKS, but with security warning]
http://www.cc.com --> http://www.cc.com//connections?currency=EUR     [WORKS]
https://www.cc.com --> https://www.cc.com//connections?currency=EUR  [WORKS, but with security warning]

My config is as follows.

# CC Redirect
acl host_cc hdr(host) -i cc.com
acl host_cc hdr_beg(host) -i www.
reqirep ^Host:\ www.(.*)$ Host:\ \1 if host_ff
http-request redirect code 301 location https://www.cc.com//connections?currency=EUR if host_cc

Can you please help me with the config and tell me how can I fix this security warning alerts?
Thank you


#2

Can start by saying what the security warning actually says?


#3

Thanks for replying @lukastribus!

Your connection is not private
Attackers might be trying to steal your information from cc.com (for example, passwords, messages, or credit cards). Learn more
NET::ERR_CERT_COMMON_NAME_INVALID
This server could not prove that it is cc.com; its security certificate is from *.XXXXXX.com. This may be caused by a misconfiguration or an attacker intercepting your connection.


#4

You don’t have the correct certificate.


#5

Thanks @lukastribus
Any idea on how I can pass the certificate while redirection? Before redirection https://cc.com certificate, does not have any issue and it was working fine.

Also, any recommendation on my rules to make them more optimised?


#6

The certificate needs to be valid for all hostnames you are using. If you a redirecting to a hostname that is not covered by the certificate, you will see that error.


#7

Thank you @lukastribus