SSL证书 - 我需要为重定向到另一个域的域购买SSL [英] SSL Cert - Do I need to purchase SSL for a Domain that redirects to another Domain

查看:685
本文介绍了SSL证书 - 我需要为重定向到另一个域的域购买SSL的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

快点愚蠢的问题,但是要确保。我需要将www.example.com重定向到www.example1.com。 www.example1.com已经使用SSL证书进行安全保护。我需要购买www.example.com的SSL证书吗?我假设不,因为重定向登陆在一个安全的网页上。



请指教。



谢谢,
Alpha

解决方案

发布HTTP级重定向的能力是独立的原始或目标站点是否受HTTPS(SSL / TLS)保护和对应的证书。重定向可以以任何组合的形式发行,特别是所有这些都是允许的:

  FROM TO 
http:// www .example.com http://www.other.example
http://www.example.com https://www.other.example
https://www.example.com http: //www.other.example
https://www.example.com https://www.other.example

在发生任何这些HTTP重定向之前,客户端必须能够使用FROM服务器建立有效的HTTP请求。如果 www.example.com 是任何人都可以使用的互联网访问网站,使用HTTPS,那么它必须使用证书;最好由认可的CA(认证机构)签署。但是,这个问题不是针对重定向主题的具体内容。它将适用于对该服务器的任何请求,应被视为单独的关注



对OP的问题的解释是:不,重定向的来源不需要使用SSL / TLS进行安全,只是为了发布重定向到受保护的站点。(表2中的情况2



可能还有其他原因,为什么始发服务器应该使用HTTPS,但不是要求只是为重定向的能力。请注意,在某些情况下(例如情况3),浏览器可能会警告用户是否从HTTPS上下文重定向到不安全页面。


Quick dumb question but want to make sure. I need to redirect www.example.com to www.example1.com. www.example1.com is already secured with a SSL cert. Do i need to purchase a SSL cert for www.example.com? I am assuming 'No' because the redirect is landing on a page that is aready secured.

Please advise.

Thanks, Alpha

解决方案

The ability to issue an HTTP-level redirect is independent of whether the original or destination sites are protected by HTTPS (SSL/TLS) and a corresponding certificate. Redirects may be issued in any combination, specifically all of these are allowed:

FROM                      TO
http://www.example.com    http://www.other.example
http://www.example.com    https://www.other.example
https://www.example.com   http://www.other.example
https://www.example.com   https://www.other.example

Before any of these HTTP redirects to take place, the client must be able to establish a valid HTTP request with the "FROM" server. If www.example.com is an Internet-accessible site intended to be used by anyone, and it uses HTTPS, then it must use a certificate; preferably, one signed by a recognized CA (Certificate Authority). However, this concern is not specific to the topic of redirects; it would apply to any request to that server and should be treated as a separate concern.

The answer to my interpretation of the OP's question is: No, the source of a redirect does not need to be secured with SSL/TLS merely in order to issue a redirect to a protected site. (Case 2 in my table above.)

There may be other reasons why the originating server should use HTTPS, but it is not a requirement merely for the ability to redirect. Note that in some cases (e.g. case 3) a browser may warn the user if redirecting to an insecure page from an HTTPS context.

这篇关于SSL证书 - 我需要为重定向到另一个域的域购买SSL的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆