Forcing www for HTTPS

[themule]

Hi, a client of mine purchased and SSL for www.mysite.com (not a wild card SSL)

 

So when a user goes to https://mysite.com, we get some sort non-secure/trusted error.  I'm trying to use mod_rewrite to force the www when it doesn't exist but nothing seems to work.  Here is an example of my rewrite code:

 

RewriteCond %{SERVER_PORT} ^443$
RewriteCond %{SERVER_NAME} ^mysite.com$
RewriteRule (.*) http://www.%{SERVER_NAME}%{REQUEST_URI} [R=301,NC,L]

[premiso]

Try this for the rule / cond's:

 

RewriteCond %{SERVER_PORT} ^443$
RewriteCond %{HTTP_HOST} ^mysite.com
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,NC,L]

 

If that does not work try this for the rule (keep the same conditions as above):

RewriteRule ^(.*)$ https://www.mysite.com/$1 [R=301,NC,L]

 

Since you are doing the port checking for 443, you should probably make the http be https

[themule]

Thanks for the catch on the https

 

I tried both of those solutions and neither worked.

[premiso]

Well, I never used the SERVER_PORT command before, so I cannot vouch for that at all.

 

But reading some other forums, you may take a look at the ending parts of this forum:

http://www.webmasterworld.com/apache/3970987.htm

 

It talks about your vhosts file and how it needs to be setup properly for this to work right. Let us know if that worked and possibly the right steps you had to take.

[cags]

Are all the Conds actually being met? I.E. does the URL actually change in the address bar?

[themule]

As far as I know they're being met.  When I go to http://mysite.com the HTTP_HOST is mysite.com  and if I go to https://www.mysite.com the SERVER_PORT is 443

[cags]

Hypothesising about whether the CONDs are being met is irrelevant and pointless, as I asked in my last post does the URL in the address bar change after you have entered your test URL? If it doesn't then either the CONDS or the RULE itself are not being matched.

[themule]

No, the URl doesn't change, but is it possible the secure connection is attempted before the .htaccess file is read?

[cags]

What your .htaccess file seems to be doing is checking if the request is being made on port 443 and has the domain name mysite.com without any subdomain. So are we saying that the overall objective is to redirect any SSL requests to the base domain to the www. subdomain?

[themule]

No, the problem is that the SSL cert is only for www.domain.com, and if someone removes (and has) the www., they get the error.  So what I want for SSL requests, is to make sure the URL has the www.  No subdomains are being used.

[cags]

Err... www. IS a subdomain.