How to fix https version of a site redirecting to the wrong domain

Some hosting providers restrict customers to a single SSL/TLS certificate per socket. (In simple terms, a socket is the combination of IP address and port number.) Since Apache listens to port 80 for non-SSL connections and port 443 for SSL connections on the same IP address, customers usually need a separate IP address for each certificate.

At the same time, you can configure Apache for multiple domains to share a single IP address using virtual hosts. Each virtual host gets its own port and Apache listens to this port, redirecting connections to the appropriate domain.

The combination of the above behaviours can sometimes cause complications when you install a single SSL Certificate on a shared IP address. Secure connections to port 443 of an IP address will be directed to the virtual host and domain assigned to that port. Thus, if you try to make a secure connection to a domain on a shared IP address, Apache will create a socket to the actual domain listening to port 443. Depending on your configuration, this domain may be a default virtual host or one that is explicitly set to listen to port 443.

The possible solutions depend on the types of configurations supported by your hosting provider. These include:

  1. Moving each domain with SSL certificates to its own IP address.
  2. Use Server Name Indication (SNI) to define separate SSL virtual hosts.
  3. Creating a default virtual host in your SSL file that does nothing but redirect to non-SSL connection.
  4. Installing a self-signed certificate on each domain name on that IP address.
  5. Making a different SSL host the primary certificate for the IP address.

Resources

Another Cup of Coffee Limited

We support Drupal and WordPress websites for small businesses, media agencies and not-for-profit groups. Our work includes setting up and maintaining content management systems, developing custom code and troubleshooting problems with servers.

My Role as founder

Founder, project manager and developer, 2006 to present

Day-to-day, I manage remote teams for my company, Another Cup of Coffee, using a simplified version of Scrum. We’re a group of independent professionals from different cities around the world working under one brand-name. When a new project comes along, I put together a team with the most relevant skills.

Aside from managing projects, I’m also a hands-on developer and systems administrator.

CMG plc

CMG was large Anglo-Dutch IT services company providing management and IT consultancy. Its SMS Service Centre and WAP Service Broker was used by mobile operators around the world. CMG became LogicaCMG after a merger with Logica in 2002.

My Role as an employee

Consultant and Team Leader, Feb 2001 to Apr 2002

I was a consultant in CMG’s Advanced Mobile Solutions team, specialising in systems and software development for mobile services. CMG assigned me to a wide range of projects for mobile operators Orange, Vodafone and Hutchison 3G (known as ‘3’ in the UK). These included development and consulting-based work, either as a team leader or team member.

Summary of projects:

  • Involved in the development of an advanced Location Based Services engine. Solution is designed to track mobile users and pass location information to third-party applications.
  • Produced a wide range of technical studies, including investigation for a 3G Network Operator’s Application Enabling Platform.
  • Consultant for the development of a Knowledge Management tool to improve information sharing throughout the organisation.
  • Investigated cutting-edge technologies and their implications for next-generation mobile devices. Areas included Java MIDP and WAP 1.2 specifications such as the Wireless Identity Module and Wireless Telephony Application.
  • Responsible for WAP-over-GPRS technical feasibility studies for a Managed WAP Gateway.

Technical skills important for development projects were:

  • Java, J2ME, MIDP, KVM
  • XML
  • Apache
  • Tomcat
  • Microsoft Access
  • Visual Basic
  • VBA
  • SQL
  • HTML
  • XHTML
  • CSS
  • WAP
  • WML
  • Web development to W3C standards