[BlueOnyx:18634] 5209R SSL redirection
Chris Gebhardt - VIRTBIZ Internet
cobaltfacts at virtbiz.com
Mon Nov 9 16:13:15 -05 2015
Hi All,
I think I see a potential bug here, but I'm not 100% certain.
Therefore I thought I would bring it up.
What I'm seeing:
Customer has a vsite with no SSL. Customer tries SSL connection to the
vsite and Apache then pulls a certificate from a DIFFERENT vsite that
DOES have SSL (and a valid cert). Obviously this causes a certificate
mismatch alert in the browser. If the user accepts the certificate,
then the user is redirected to the site WITH the SSL.
My recollection from previous BlueOnyx versions is that if no SSL is
enabled for the vsite, the connection simply times out as there's
nothing listening on that port. I think that would be preferable...
I'll be honest - I didn't notice anything until a customer brought it to
our attention today wondering why we're sending visitors to his site to
another site he has no affiliation with. <scratches head> Good question!
Have I missed something?
--
Chris Gebhardt
VIRTBIZ Internet Services
Access, Web Hosting, Colocation, Dedicated
www.virtbiz.com | toll-free (866) 4 VIRTBIZ
More information about the Blueonyx
mailing list