问题
So, we are running on IIS 10.0 and have multiple domains registered at our ISP which all point to the public IP of our webserver. The webserver has only one certificate assigned to a wildcard subdomain. So #.rootdomain.nl
I've setup a URL rewrite to rewrite all the different domains to our root domain: https://www.rootdomain.nl however the problem I'm experiencing is that the first redirect goes alright but the second doesn't gets redirect instead the browser says there no valid certificate for this domain.
URL config:
<rule name="Redirects to www.domain.com" enabled="true" patternSyntax="ECMAScript" stopProcessing="true">
<match url=".*" />
<conditions logicalGrouping="MatchAny">
<add input="{HTTP_HOST}" pattern="^(www.)?rootdomain.(com|be|de)$" />
</conditions>
<action type="Redirect" url="https://www.rootdomain.nl/{R:0}" redirectType="Permanent" />
</rule>
What I try to achieve: .com to .nl www.rootdomain.com -->> redirect -->> www.rootdomain.nl rootdomain.com -->> redirect -->> www.rootdomain.nl
.de to .nl www.rootdomain.de-->> redirect -->> www.rootdomain.nl rootdomain.de-->> redirect -->> www.rootdomain.nl
.be to .nl www.rootdomain.be-->> redirect -->> www.rootdomain.nl rootdomain.be-->> redirect -->> www.rootdomain.nl
Offcourse all http trafic must be redirect to HTTPS so that's the second rule:
<rule name="Redirect to HTTPS" enabled="false" patternSyntax="Wildcard" stopProcessing="true">
<match url="*" />
<conditions logicalGrouping="MatchAny" trackAllCaptures="false">
<add input="{HTTPS}" pattern="OFF" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" appendQueryString="false" />
And this is what I experience:
www.rootdomain.com -->> Invalid certificate(Click go anyway) -->> redirect -->> https://www.rootdomain.nl rootdomain.com -->> Invalid certificate(Click go anyway) -->> redirect -->> https://www.rootdomain.nl
回答1:
We have to ensure that the HTTPS site binding has the valid certificate configured. Every domain name that the server owns corresponds to the subject of the certificate, otherwise, the browser will prompt an error pertaining to an invalid certificate when we access the browser.
In order to bind multiple certificates to the same port for every domain name, we need to tick the below option.
The result.
At last, we can apply URL rules as we like.
<system.webServer>
<rewrite>
<rules>
<rule name="MyRule" enabled="true" stopProcessing="true">
<match url="(.*)" ignoreCase="false" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{http_host}" pattern="www.bing2.com" />
</conditions>
<action type="Redirect" url="https://www.bing.com" redirectType="Permanent" />
</rule>
</rules>
</rewrite>
</system.webServer>
Feel free to let me know if there is anything I can help with.
来源:https://stackoverflow.com/questions/62656301/url-rewrite-invalid-certificate