How to redirect https to http without any SSL Certificate

Active3 hr before
Viewed126 times

4 Answers


There is really no way to do that: HTTPS relies on the SSL certificate being present and the SSL negotiation ocurring BEFORE any data is sent to the server. Therefore if there is no SSL cert then it won't even get to the point where you can send a redirect (as you are observing).,If you can't prevent the initial connect from happening with HTTPS, then you (and your server) are never part of the conversation. The only two options are 1) get an SSL certificate (they are cheap), or 2) somehow get the connection to happen over HTTP., No, it is an option if you can get the other site to cooperate and rewrite the link so it uses HTTP. Apparently in the case of FB it is not an option (which is a Good Thing®), but in the more general case there may be ways to get the other site to cooperate. – Peter Rowell Sep 27 '12 at 9:34 ,This option is only if you don't have sensitive data because the connection betweeen server and cloudflare is not encrypted

I found a nice solution today to have pages with HTTPS without having a certificate.

You can use cloudflare SSL: Flexible. This way the SSL will be between client and cloudflare server, and between cloudflare and your server will not be secure.

load more v

So I was curious if its possible to do HTTPS > HTTP (which would then redirect them without prompting for a certificate)? , but the problem being we would need to buy 8x SSL certificates for external parties to not be prompted with an SSL warning (same problem would occur if it was self assigned).,So I was curious if its possible to do HTTPS > HTTP (which would then redirect them without prompting for a certificate)? I know its not advised, but technically our main website will serve them a HTTPS certificate once the redirect takes place.,Is it unsecure if we are redirecting to a HTTPS URL after changing the request from HTTPS > HTTP? If that makes sense :)

<?xml version="1.0" encoding="utf-8" ?>
                <rule name="Redirect old-domain to new-domain" stopProcessing="true">
                    <match url=".*" />
                    <action type="Redirect" url="{R:0}" redirectType="Permanent" />

To enable the HTTPS version of your website, you should:,There is currently no official client for IIS on Windows, but there are workarounds.,Obtain the signed HTTPS certificate and install it on your web server.,There are some substantial differences in the mode of operation between Let’s Encrypt and the other CAs. Following the first three points above, here are the main ones:

Debian, Ubuntu and clones

sudo apt - get install openssl
load more v

SUCURI offers FREE cert under the WAF plan, and you can enable it by navigating to the HTTPS/SSL tab.,First, select “Full HTTPS” in SSL mode.,Second, select “HTTPS only site” in protocol redirection.,I assume you are using this on a shared hosting platform. First, you need to ensure the hosting provider offer SSL and enabled for your site.

  • Login to your Apache server and go to the path where it’s installed.
  • Go to the conf folder and take a backup of httpd.conf file
  • Open httpd.conf using your vi editor (choose your favorite editor)
  • Ensure module is loaded
LoadModule rewrite_module modules /
load more v

Other "https-redirect" queries related to "How to redirect https to http without any SSL Certificate"