insert www

Product Discussions aFleX
1

I have an aflex that inserts www if they come in without it and redirects to https://. it works fine if they come in on http, but does not work if they use https. the aflex is bound to both the 443 and the 80.

http://xyzsite.com (works)
https://xyzsite.com (does not work)

when HTTP\_REQUEST \{ 
if \{[HTTP::host] starts\_with "xyzsite"\} \{ 
HTTP::redirect "https://www.[HTTP::host][HTTP::uri]" 
\} 
\}
2

I see the aFlex forum software has problems displaying brackets and quotes :slight_smile: I thought you were missing them until I tried to post my version and saw the same problem.

The redirect does work, I just tried it on my AX. So it must be your matching logic? but you say it works on port 80 though.

3

This may be basic, but make sure you have type https and you are terminating SSL for the 443 virtual port.

4

yes, it works on the port 80 on the VS. The aflex is not working on the 443 port for the VS.
The VS is configured for HTTPS, aflex bound, snat, and the Client-SSL is configured and bound to the 443 on the VS. When I first hit the site on the 443 without the www, I get a cert error saying the site cert is for www.xyzsite.com. If i check I understant the risk and accept the cert error, it goes ahead and enters the www. It is acting like it is hitting the ssl and giving the cert error before it runs the aflex.

5

I am currently running 2.6.1-P1-SP3(build: 3).

6

This is expected behavior. The subject of your SSL certificate is apparently “www.xyzsite.com”. Unless you purchase an SSL certificate that allows multiple subject domains, you will always receive this error unless your URL host is exactly “www.xyzsite.com”. The reason is simple; SSL certificates verify you are communicating with the host you intend to communicate with. “host1.xyzsite.com”, “www.xyzsite.com”, “xyzsite.com”, and “host2.www.xyzsite.com” are all considered different hosts in the “xyzsite.com” domain. You could get a second SSL certificate for “xyzsite.com”, but if you can only associate one SSL certificate with a virtual site, you would have to resolve “xyzsite.com” to a different virtual server (usually though using a different IP address) and then redirect to https://www.xyzsite.com. The wildcard SSL certificate or whatever your CA calls it allows multiple hosts on one certificate. These are normally more expensive than the single subject SSL certificates of course.