I had an odd task at work today. I had to set up one of our web servers to handle normal http traffic (ie, respond on port 80), but take all those requests and shuffle them to the same server's SSL virtual host. Basically, I had to make all "normal" web requests use SSL. It seemed like a fairly straightforward thing to do, but it wasn't really.

At first, I simply tried to use a Redirect directive in the docroot container like so:

Redirect / https://example.com/

But that won't work. Seems like it should, but it won't. You're saying "go here instead" and when you get there, you need to go back, which makes you go forward again. It's a big endless cycle. What does work is using mod_rewrite. Works very very well, in fact. You do like so in httpd.conf:

# mod_rewrite Section
RewriteEngine on
RewriteLog /var/log/httpd/https_rewrite_log
RewriteLogLevel 1

# If they try to access http, redirect to https
RewriteCond %{SERVER_PORT}           !^443$
RewriteRule ^/(.*)                   https://%{SERVER_NAME}/$1 [L,R]

You also need to add the following to every virtual host that you have:

RewriteEngine on
RewriteOptions inherit

And somewhere at the top of the conf file, change/add the UseCanonicalName to "Off". Now all requests for anything in http://example.com/ will be requests for https://example.com/.