Partial HTTP to HTTPS rewrite and IRM redirect

_Jim_ · 06-20-2021, 05:57 PM

Hi.
2 questions:
Objective:
I have 1 main .com domain with a SSL certificate- that I want to force all http requests to https for that domain (part I)
and
have the same main domain but .us site redirect to the .com site for any requests (part II)

Without forcing other IRMs that use the same .htaccess file to go to https since they do not have certificates and displays a user warning (if there is a way for IRMs to optionally use the same main domain certificate that would also be nice to know, or how to obtain IRM certificates);

I have tried to modify the previous .htaccess file to include this:
RewriteEngine On
RewriteCond %{HTTP_HOST} ^MyDomain\.com [NC]
RewriteCond %{SERVER_PORT} 80
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

which seems to partially work for part I (and without forcing the IRMs to https)- although that only works for the main page mydomain.com - other web pages mydomain.com/page1.htm do not result in the https rewrite.

so the 2 Questions are:
1. How to get all the http .com pages to use https (through the htaccess file preferably), without affecting the http IRMs?
2. How do I also get the 1 IRM, the .us site (all pages) to redirect to the .com site in the same .htaccess file(?) through a redirect or rewrite?
Or is it better to have the .us site an IMO (same web content- will it use the SSL cert. of the .com? how change if so?)

Thanks,

**Kevin** · 06-20-2021, 06:07 PM

You don't really need to exclude the IRs. You are using our Let's Encrypt system for your certificate so the IRs can easily be added...

In the CNC under Certificate Manager click on "Generate/use Let's Encrypt certificate" You will then see a list of all the domains and www.domains we host for you. With the exception of any that are no longer pointing at us check them all and hit the generate button. Note that it can take more than a minute to complete so don't get impatient.

_Jim_ · 06-20-2021, 06:36 PM

Yes- that is very helpful-
I just generated a new certificate with all domains and now all the IRMs are included in the certificate-

However-, when I go to view the certificate details in the browser, it shows 1 of the IRMs as the main issuer, rather than the main site-
Subject: CN= anIRMdomain
is that changeable to the main site
CN= main site
(and include the iRMs in the same certificate)?

**Kevin** · 06-20-2021, 06:37 PM

It is simply in alphabetical order.

_Jim_ · 06-20-2021, 06:53 PM

Right- I now see the certificate has all the domains together and listed (as alternative names).
Is it possible to have more than 1 certificate (1 for the main domain and 1 for all the IRMs)?

**Kevin** · 06-20-2021, 06:58 PM

While it is technically possible (it hasn't always been) our systems weren't designed for it. I don't see us needing it anytime soon as the technology has significant drawbacks: https://www.namecheap.com/support/kn...ni-technology/

Also, the real advantage is that a single IP would be able to handle certificates managed by different unrelated people which wouldn't apply here.

_Jim_ · 06-20-2021, 07:09 PM

As long as it works, as it does now (the padlock showing in the browser, and no browser warnings) for all the domains is really all that is needed (I think very few users view all certificate details- not that it would matter anyway...), with the added benefit of all the IRMs now are warning free https accessible

Kevin, thanks for the very quick and useful solution (on a weekend!)- much easier than modifying the .htaccess file (for just 1 domain) as I had been trying to do!