Https main domain and HTTP subdomain issues

scjmoore · April 13, 2015, 8:34pm

Hello All,

I am having a slight issue, I am working on a site for a client, I have installed SSL for the main part of the domain https://domainname.com

I have also setup the following subdomain http://assets.domainname.com

I am using the following rewrite rule thanks to Jeff_Mott:

# Rewrite only if the request isn't for a real file, such as index.php
RewriteCond %{REQUEST_FILENAME} !-f

# Rewrite everything to index.php, passing the original path as a query,
# and also retaining the original query string (QSA).
RewriteRule ^(.*)$ index.php?i=$1 [QSA]

The problem now is the following. Let’s say I want to include a CSS file in the page.
If I write it like this: then my browser is complaining that I’m requesting the page itself via HTTPS (e.g. https://domain.com/user/register) but trying to load the static content via HTTP.
But if I change it to this: then it gives the error “net::ERR_INSECURE_RESPONSE”

Any suggestions? I’m guessing this might be because the SSL certificate doesn’t cover the subdomain, or an issue with the Rewrite is that possible?

Many thanks for all your help

Joe

rpkamp · April 13, 2015, 8:38pm

The problem is that the subdomain doesn’t have SSL so you get a “mixed content” error; when the HTML is requested over https, all assets must be requested over https as well (note that the other away around does not hold).

So what you should do is add ssl to your subdomain as well. Beside using your main domain instead of subdomain for serving assets there is no way around this really.

system · July 14, 2015, 3:49am

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.