URL 重写无效证书 [英] URL Rewrite invalid certificate

问题描述

因此，我们在 IIS 10.0 上运行，并且在我们的 ISP 上注册了多个域，这些域都指向我们网络服务器的公共 IP.网络服务器只有一个分配给通配符子域的证书.所以#.rootdomain.nl

我已经设置了一个 URL 重写来将所有不同的域重写为我们的根域:
结果.

最后，我们可以随意应用 URL 规则了.

<重写><规则><规则名称=我的规则"启用=真"stopProcessing=真"><match url="(.*)";ignoreCase =假"/><conditions logicalGrouping="MatchAll";trackAllCaptures="false"><add input="{http_host}";模式=www.bing2.com"/></条件><动作类型=重定向"url=https://www.bing.com"重定向类型=永久"/></规则></规则></rewrite></system.webServer>

如果有什么我可以帮忙的，请随时告诉我.

So, we are running on IIS 10.0 and have multiple domains registered at our ISP which all point to the public IP of our webserver. The webserver has only one certificate assigned to a wildcard subdomain. So #.rootdomain.nl

I've setup a URL rewrite to rewrite all the different domains to our root domain: https://www.rootdomain.nl however the problem I'm experiencing is that the first redirect goes alright but the second doesn't gets redirect instead the browser says there no valid certificate for this domain.

URL config:

<rule name="Redirects to www.domain.com" enabled="true" patternSyntax="ECMAScript" stopProcessing="true">
    <match url=".*" />
    <conditions logicalGrouping="MatchAny">
        <add input="{HTTP_HOST}" pattern="^(www.)?rootdomain.(com|be|de)$" />
    </conditions>
    <action type="Redirect" url="https://www.rootdomain.nl/{R:0}" redirectType="Permanent" />
</rule>

What I try to achieve: .com to .nl www.rootdomain.com -->> redirect -->> www.rootdomain.nl rootdomain.com -->> redirect -->> www.rootdomain.nl

.de to .nl www.rootdomain.de-->> redirect -->> www.rootdomain.nl rootdomain.de-->> redirect -->> www.rootdomain.nl

.be to .nl www.rootdomain.be-->> redirect -->> www.rootdomain.nl rootdomain.be-->> redirect -->> www.rootdomain.nl

Offcourse all http trafic must be redirect to HTTPS so that's the second rule:

<rule name="Redirect to HTTPS" enabled="false" patternSyntax="Wildcard" stopProcessing="true">
    <match url="*" />
    <conditions logicalGrouping="MatchAny" trackAllCaptures="false">
        <add input="{HTTPS}" pattern="OFF" />
    </conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" appendQueryString="false" />

And this is what I experience:

www.rootdomain.com -->> Invalid certificate(Click go anyway) -->> redirect -->> https://www.rootdomain.nl rootdomain.com -->> Invalid certificate(Click go anyway) -->> redirect -->> https://www.rootdomain.nl

解决方案

We have to ensure that the HTTPS site binding has the valid certificate configured. Every domain name that the server owns corresponds to the subject of the certificate, otherwise, the browser will prompt an error pertaining to an invalid certificate when we access the browser.
In order to bind multiple certificates to the same port for every domain name, we need to tick the below option.

The result.

At last, we can apply URL rules as we like.

<system.webServer>
       <rewrite>
        <rules>
          <rule name="MyRule" enabled="true" stopProcessing="true">
            <match url="(.*)" ignoreCase="false" />
            <conditions logicalGrouping="MatchAll" trackAllCaptures="false">
                <add input="{http_host}" pattern="www.bing2.com" />
            </conditions>
            <action type="Redirect" url="https://www.bing.com" redirectType="Permanent" />
          </rule>
        </rules>
      </rewrite>
</system.webServer>

Feel free to let me know if there is anything I can help with.

这篇关于URL 重写无效证书的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！