Why isn’t it possible to use a CNAME redirect with HTTPS

Solution 1

Assume you have a CNAME record:

travel-maps.example.com CNAME c.commondatastorage.googleapis.com.

The browser resolves the name travel-maps.example.com and gets the IP for c.commondatastorage.googleapis.com, then connects to port 443 of this address.

The server with this IP couldn't possibly[1] have a proper certificate for travel-maps.example.com (and all other domain names with CNAME records like this). Only the example.com domain owner could get a trusted cert for his own domain.

[1] Unless you uploaded the certificate to the CDN network, which is a common feature nowadays.

Solution 2

It is possible!

There could be many domains attached to one SSL certificate.

ASSUME travel-maps.example.com CNAME c.commondatastorage.googleapis.com.

When both domains are in the SSL cert list, your CNAME can redirect with HTTPS.


Demo

This is how a CDN service provider such as Incapsula works with HTTPS. They just create a "Multi-domain" SSL cert for you.

You may check a demo cert info on this site: https://www.incapsula.com/


Anyway, this kind of SSL cert is for business use in most cases and is generally pretty expensive.
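
Both solutions above turn on which name the TLS client verifies. The following is an added example, not code from either answer: a simplified hostname check in the style of RFC 6125, run over constructed SAN lists, showing that the certificate is matched against the name the user typed and never against the CNAME target. The function names and SAN lists are assumptions made for illustration.

```python
# Added illustration. SAN lists below are constructed samples, not real certificates.

def san_matches(san: str, hostname: str) -> bool:
    """Simplified RFC 6125 match: '*' is only honoured as the whole leftmost label."""
    s_labels = san.lower().rstrip(".").split(".")
    h_labels = hostname.lower().rstrip(".").split(".")
    if len(s_labels) != len(h_labels):
        return False  # a wildcard covers exactly one label, never several
    if s_labels[0] == "*":
        # Refuse overly broad wildcards such as "*.com".
        return len(s_labels) >= 3 and s_labels[1:] == h_labels[1:]
    return s_labels == h_labels


def https_name_check(typed_host: str, cname_target: str, cert_sans: list) -> bool:
    """Return True if the client would accept the certificate.

    DNS (including the CNAME chain) only decides which IP address is dialled.
    The reference identity used for SNI and certificate verification is the
    name the user typed, so cname_target is deliberately ignored here.
    """
    del cname_target
    return any(san_matches(san, typed_host) for san in cert_sans)


TYPED = "travel-maps.example.com"
TARGET = "c.commondatastorage.googleapis.com"

# Constructed: a certificate that only names the storage provider's own hosts
# (the situation described in Solution 1).
PROVIDER_ONLY_SANS = ["*.commondatastorage.googleapis.com"]

# Constructed: a multi-domain certificate that also lists the customer's name
# (the situation described in Solution 2 and in footnote [1] of Solution 1).
MULTI_DOMAIN_SANS = ["*.commondatastorage.googleapis.com", "travel-maps.example.com"]

if __name__ == "__main__":
    for label, sans in (("provider-only", PROVIDER_ONLY_SANS),
                        ("multi-domain", MULTI_DOMAIN_SANS)):
        ok = https_name_check(TYPED, TARGET, sans)
        print(f"{label:14s} cert for {TYPED}: {'accepted' if ok else 'name mismatch'}")
```
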

Author by

qdii

Updated on July 09, 2022

Comments

  • qdii
    qdii almost 2 years

    This Google Storage documentation page states that "You can use a CNAME redirect only with HTTP, not with HTTPS." But I cannot see any reason for that. Can anyone explain to me why?