0

mysite.com has a valid ssl Certificate. On mysite.com there is this Code:

echo "<script>window.location.href ='"mysite.com"'

(edit:) I found out that window.location.href indeed points to mysite.com but that Link is then forwarded with a proxy pass to othersite.com (while the URL from mysite.com is still shown).

Does othersite.com also need a valid SSL Certificate?

stackoverflow_asker
  • 31
  • 7
  • 1
    If you don't specify the `http:` protocol, it will default to the same protocol as the current page, and if you used `https:` to get to the current page, it will try to access the other site with `https:` as well. – Barmar Jan 23 '20 at 10:26
  • ok thanks! I found out the link points to mysite.com but that Link is forwarded with a proxy pass to othersite.com (while the URL from mysite.com is still shown). Does othersite.com need an SSL Certificate in this instance? – stackoverflow_asker Jan 23 '20 at 13:45
  • You should configure your webserver so it only serves the website over `HTTPS` - see [here](https://stackoverflow.com/questions/4083221/how-to-redirect-all-http-requests-to-https) – DarkBee Jan 23 '20 at 13:58
  • Are you trying Domain masking? Check this: https://serverfault.com/questions/279939/ssl-and-domain-masking – jim1427 Jan 24 '20 at 06:22

1 Answers1

-1

By default, a standard Single-name SSL Certificate can secure only one domain. A Wildcard SSL Certificate can secure domain and sub-domains as well (e.g. example.com and www.example.com and blog.example.com)

If you want to secure multiple domains using a single certificate, you need a Multi-Domain (SAN) Certificate.

(Source: dnsimple.com)

jim1427
  • 140
  • 2
  • 9
  • This does not answer OP's question – DarkBee Jan 23 '20 at 13:50
  • @DarkBee Can you please tell me why my answer is not helpful? – jim1427 Jan 24 '20 at 06:35
  • This only explains what types of `SSL` certificates there are, this is now what OP asked. OP is trying to redirect to a https page on the website (with js) – DarkBee Jan 24 '20 at 07:08
  • His question is not about how to redirect. His final question is "Does othersite.com also need a valid SSL Certificate?". That's why I have given info about types of SSL. I don't see any valid reason for the downvote. – jim1427 Jan 24 '20 at 07:22
  • 1
    well I appreciate your answer. I now understood that my actual question was something different. – stackoverflow_asker Jan 27 '20 at 09:55