Non http redirect to another https domain ?

Sure I read about this some where. I will try and explain the issue

I have domains that are not using SSL http://example.com. if https://example.com is used on a site that has no SSL it puts up a “this site is not secure” in your browser.
If you ignore the not “recommended warning” and continue to the website it redirects you to a different domain name that’s using SSL??
Why does it do this and is there a way to stop it redirecting from one domain to another on the server.

Thank you for any help.

Hi,

This is expected behaviour, and is just the way Apache works.

The best way to fix it is to generate a free certificate for the domain in question with Let’s Encrypt (you may need to enable the LE plugin in NodeWorx). You could also use a self-signed certificate, but when LE is available, why bother!

InterWorx are working on a fix for this, and are also working to have SiteWorx automagically generate LE certificates for all domains too.

Hope this helps,

Jon

I remember now, Its to do with SNI. apache defaults to the next site that does have a SSL Cert.
Not shown up before but on one ip I have a mixture of non SSL and SSL sites.
Hope there’s a fix in the future
Thanks for your reply

Hello–

Unfortunately, this anything that we can fix, since it is an Apache level functionality, not an InterWorx level one. It’s just how Apache decided to handle allowing more than one domain on an IP address. There isn’t really much we can do to in that matter.

However, we are in the process of working on automatically creating SSL certs via Let’s Encrypt upon account creation, which will mitigate the issue, however, there is no ETA at this time.