What is the best way to set up redirects for Wordpress MU + subdomain + mapping + nginx + ssl?

A

adiom2014-06-02 23:23:00

Nginx

adiom, 2014-06-02 23:23:00

there are two servers in nginx.conf :

listen 443  ssl deferred spdy;
server_name dom.org;

listen 80 default_server;
server_name dom1.com dom.ru;

everything works fine, except for one thing:
dom.org uses https and is the main site of the network
, you need to make the correct redirects from dom.org and www.dom.org to https://dom.org this is done using a third server

server {
server_name dom.org www.dom.org;
return 301 https://dom.org$request_uri;
}

sometimes problems occur with such a scheme, for example, when users accidentally log in to https://dom.ru/ , the browser responds with an error about replacing the certificate.
For several months I have been trying to find the right solution using if $host rewrite and so on, but nothing has come of it.
How to describe all three servers in one? so that if the address = dom.org then on https:// and if other addresses are forced on http without www

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

V

Vlad Zhivotnev, 2014-06-03
@inkvizitor68sl

If the user visits https://dom.ru/ himself , he will see a warning anyway.
Pay 50 bucks in StartSSL for two years (in other places, a certificate for 4 domains will be more expensive) and make yourself a certificate for all the domains that you have.
The user comes to port 443, asks for a certificate, establishes an encrypted connection, then passes the Host header and does all the checks for the certificate, in short. In the case of SNI, everything is a little different, but the essence is the same - the user has already come to port 443 for the "wrong" site and he needs to show something. Including a certificate to give at least some.
Too lazy to go into science (how and what is signed in what order), but the essence should be clear to you)