A quick overview of doing redirects from non-ssl to ssl websites.
Ed. Note: While you should be able to do this in the 10.4 web GUI, you were unable do this in earlier versions of OS X Server. That’s where this comes in handy, although this method should work for all version of OS X, or Apache on any system for that matter.OS X Server
HOW TO: redirect http requests to https
If you have set up a site using ssl all requests for that domain not preceded
by https it will point to the defualt web site. If what is required is that
all requests for the domain on port 80 go to the 443 or in other words all
requests
for http go to https, there are a number of ways of doing this (using htacces
or other scripting), however the following is the method we prefer.
1 go to the site config file at /etc/httpd/sites/
cd /etc/httpd/sites/
open the config file (e.g. 0016_195.75.175.184_443_secure.example.com.conf)
in pico and edit the section
RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^TRACE
RewriteRule .* - [F]
adding the following condition and rule and either delete or comment out
the existing conditions and rules.
RewriteCond %{SERVER_PORT} !443
RewriteRule (.*) https://secure.example.com/ [R]
so that it reads as
RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^TRACE
RewriteRule .* - [F]
RewriteCond %{SERVER_PORT} !443
RewriteRule (.*) https://secure.example.com/ [R]
- In server admin duplicate the site secure.example.com, turn the web service
off, edit the new site changing (from general) the port from 433 to 80, and
from secure turn Enable Secure Sockets Layer off. You will now have two site
config files in /etc/httpd/sites/ (e.g 0016_195.75.175.184_443_secure.example.com.conf
and 0016_195.75.175.184_80_secure.example.com.conf).
3 Restart the web service and all requests to http://secure.example.com will
be automatically redirected to https://secure.example.com.
It may appear contradictory to have two sites with the same name but one is
on port 80 and the other is on port 443, Apache does allow this configuration.
This method allows you to treat all virtual sites on an individual basis, you
may wish some to be accessed only via ssl and others to be accesses via ssl
and non ssl.
Last updated 08/06/05 Bruce Robbins
Platform: Mac OS X Server 10.3 or later
Further reading
http://httpd.apache.org/docs/mod/mod_rewrite.html
http://www.modssl.org/docs/2.8/ssl_howto.html
http://www.whoopis.com/howtos/apache-rewrite.html
http://joseph.randomnetworks.com/archives/2004/07/22/redirect-to-ssl-using-apaches-htaccess/
http://httpd.apache.org/docs-2.0/misc/rewriteguide.html
http://www.entropy.ch/software/macosx/docs/mod_ssl.html
by 
This is a good point, the example used in the article is from theconfig used
our development server. Thanks for pointing it out.
Any virtualhost added in Server Admin (10.3 or 10.4) can have a redirect
to another virtual host. So, configure one virtualhost with the name/IP of
the SSL site but on port 80, with a redirect to a second host on port 443!
Eg: redirect would be…
FROM: / TO: https://SITE_ADDRESS/
It will redirect any appended path too.
If you use a registrar that does URL forwarding, and you use that service, be
prepared for the http > https fix to partially break. Sticking with DNS records
only works much better.
—
systems engineer, tribune review publishing company
To redirect ‘all’ http to https
RewriteEngine On
RewriteRule (.*) https://%{SERVER_NAME}:443 [R]
(We use this on one of our servers with DHCP on ‘untrusted’ networks
for demonstrations,
we depend on the DHCP provided ip-addresses in the LAN)
This also seems to work for redirecting all virual hosts, saves time and
you don’t have to change the rules (Like https://secure.example.com
times n), easyer when you have 100+ virtualhostnames đŸ˜‰
Gawin