pioneerx01 Posted January 15, 2015 Share Posted January 15, 2015 I have two domains both running SSL. Let's call them old-domain and new-domain. old-domain is permanently redirecting traffic to new-domain. There are still a lot of links out there to old-domain with https://. If I were to remove SSL from old-domain but keep SSL on new-domain, I am betting that users will be getting some sort of certificate error. Right? Any way around that if I want to remove SSL from old-domain? Quote Link to comment Share on other sites More sharing options...
requinix Posted January 15, 2015 Share Posted January 15, 2015 (edited) If I were to remove SSL from old-domain but keep SSL on new-domain, I am betting that users will be getting some sort of certificate error. Right?If you were to remove the existing "good" certificate and put in a self-signed "bad" certificate, yes. You can't actually remove SSL and have https work. Any way around that if I want to remove SSL from old-domain?Nope. Can't have https without SSL. Users have to be able to connect to the server, send a request, and receive the response which tells them to go to new-domain. Edited January 15, 2015 by requinix Quote Link to comment Share on other sites More sharing options...
Jacques1 Posted January 15, 2015 Share Posted January 15, 2015 The whole point of HTTPS is to make sure that the client actually gets the site they requested (or nothing at all). If anybody could simply trigger a redirect to a different site, then the protocol would be rather useless. Just think about it: “You want https://www.paypal.com? Nah, I'll redirect you to https://paypal.phishing.ru instead”. That obviously wouldn't be acceptable. It doesn't matter how many new domains you have: If a client visits the old domain, you either have to present a valid certificate for that domain, or they'll get a big red warning. I strongly recommend that you learn the basics of HTTPS before you take any further steps. Distributing “https://” URLs to a temporary domain wasn't very smart, because now you need certificates for that old domain for the entire lifetime of the content. All you can do now is either get a free certificate from StartCom each year or wait for the Let's Encrypt campaign which is supposed to provide free certificates through an automated procedure. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.