Why does 301 redirect timeout with HTTPS even though it works with HTTP?
http://example.com/something and https://example.com/something are distinct URIs. Therefore, they identify different resources. While it's common practice to serve the same page on a web site for both http:// and https://, it's by no means mandatory.
(In fact, I generally think it's better to return 404 on http:// URIs that would be sensitive content on https:// during development time, instead of using automatic redirections from http:// to https:// like some do, so as to be able to detect bad links and insecure initial connections, but that's a different problem.)
There is no reason why a redirection from http://example.com/ to https://something-else.example/ should also apply to https://example.com/. They're distinct URIs as far as your browser is concerned.
Since you're saying that there's no HTTPS server listening on port 443 of the domain from which you're trying to make this https:// redirection, nothing is going to happen.
In addition, if you wanted there to be a redirection (or any other form of response) from that HTTPS server, you'd also need a valid certificate for it. (Many CAs will issue certs with two Subject Alternative Names, for example.com and www.example.com, but not all do it for free.)
As a side-node, when you're experimenting with redirections, I'd suggest using 302 instead of 301, since 301 will often be cached by your browser, so the changes you've made in the configuration might not always be applied in your browser.
Related videos on Youtube
02 : 39
05 : 21
17 : 30
02 : 15
02 : 29
Tom G
Updated on September 18, 2022Comments
-
Tom G over 1 year
Through my domain registrar I have set up a domain, essayme.co.uk, to automatically forward to https://google.com.
If I go to http://essayme.co.uk it works as expected and redirects me to https://google.com.
$curl -i http://essayme.co.uk HTTP/1.1 301 Moved Permanently Cache-Control: max-age=900 Content-Type: text/html Location: https://google.com Server: Microsoft-IIS/7.5 X-AspNet-Version: 4.0.30319 X-Powered-By: ASP.NET Date: Sat, 07 Jun 2014 11:14:16 GMT Content-Length: 0 Age: 0 Connection: keep-aliveHowever, if I go to https://essayme.co.uk it just freezes and times out.
$curl -i https://essayme.co.uk curl: (7) Failed connect to essayme.co.uk:443; Operation timed outWhat is happening in the second case?
(and, if possible, how can I get the redirect to work for https?)
Problem background/clarification:
I don't have an SSL certificate for the essayme.co.uk domain above, but I do for my live domain (let's call it mywebsite.com), and I was seeing the exact same problem on this domain (hence why I'm trying to debug the problem). Unfortunately I can't experiment with the live domain (as it's live) and I would like to avoid having to buy a second certificate for essayme.co.uk just for debugging (unless absolutely necessary).
The problem I was seeing:
- my live domain, mywebsite.com (not its real name), has a valid SSL certificate.
- Visiting https://www.mywebsite.com displayed the webpage as expected.
- I had set up forwarding (like in the question above) from the naked domain (mywebsite.com) to https://www.mywebsite.com)
- Visiting http://mywebsite.com redirected to https://www.mywebsite.com as expected.
- However, visiting https://mywebsite.com would freeze and time out (as in the question above).
I also tried forwarding it to http://www.otherwebsite.com as an experiment (i.e. forwarding to another site that does not use SSL), but the result was the same:
- Visiting http://mywebsite.com redirected to http://www.otherwebsite.com as expected.
- Visiting https://mywebsite.com would freeze and time out again.
So I set up essayme.co.uk as an experiment to try and understand why it doesn't work.
-
Admin almost 10 yearsAre you sure, there is a HTTPS service running? Did you buy a certificate and have it set up by your ISP? -
Admin almost 10 yearsHi Eugen. It does not, but I have tested this on another domain that does and it still has the same result. Unfortunately the other domain is my live website, so I can't really experiment with it. I have added a "Problem background/clarification" section to my question above which I hope might clarify the problem a little? If I'll have to buy another SSL certificate to truly test this I can, but I'd obviously like to avoid it if possible.
-
Bruno almost 10 yearsDo
mywebsite.comandwww.mywebsite.compoint to the same IP address (try withnslookup), or itmywebsite.comhandled by a redirection service from your registrar? -
Admin almost 10 yearsThe latter. mywebsite.com's ip address is that of the registrar, and the registrar deals with the redirect. But not when it is https.
-
Admin almost 10 yearsHi Bruno. So it makes sense that http:// example.com and https:// example.com are distinct URI's, but when I set up the forwarding on GoDaddy (support.godaddy.com/help/article/422/…) I can set the "forward-to" option to be http or https, but there is no indication of a "forward-from" option. Therefore my assumption was that it would apply to both? Obviously this isn't the case, but I'm not sure how to set up that https redirect? (Note that I'm referring to my mywebsite.com domain that does have a valid SSL certificate, also provided by GoDaddy).
-
Bruno almost 10 yearsIndeed, this isn't the case. For plain HTTP, you don't need a cert, and GoDaddy can certainly redirect as main domains from
example.comtowww.example.comas they want (or anything else that points to their initial host). For HTTPS, they'd need to set up a cert valid for all redirected hosts on their redirection machine, which would have more constraints for all parties. You'd be able to achieve what you want if you handled the redirection yourself (if both IP addresses were under your control). -
Stephen Ostermiller over 7 yearsThis does not appear to answer the question of why he can't connect to the server when trying to get the redirect over HTTPS.
