将旧的SSL域重定向到Heroku上的新域（带有Rails 3）

Question

I've been googling for the past hour on this but can't quite get it nailed down. Perhaps you guys can assist here!

Here's what I'm trying to do:

Old site is:

old.tld

New site is:

new.tld

A bunch of folks access one particular legacy url on the old site via SSL, ie:

https://www.old.tld/old_url

I've just setup a brand new site on Heroku, running Rails 3, on the new domain.

I also have installed Heroku's SSL Endpoint Add-on and am using a new secure subdomain:

secure.new.tld

I've got a bunch of redirects & constraints in my Rails routes.rb to redirect old -> new and pass the appropriate requests. Everything works perfectly for the non-SSL stuff.

The only thing I can't seem to get working properly is the redirects of

https://www.old.tld/old_url -> https://secure.new.tld/new_url

Safari doesn't seem to mind, but Chrome is throwing a "This is probably not the site you are looking for!" error. It says (only when trying via SSL):

"You attempted to reach www.old.tld, but instead you actually reached a server identifying itself as secure.new.tld" Etc.

(which is exactly what I want, but Chrome doesn't seem to approve ;)

Any thoughts on how to properly configure?

Answer 1

The seamless solution it is to get a SAN (Subject Alternative Name) certificate that has both the old name and the new name.

Another way is to insert a non-secure request in between the two secure requests: redirect from https://www.old.tld -> http://secure.new.tld -> https://secure.new.tld . I haven't actually tested this, but it should work in theory. If it doesn't "just work", then you might try adding an actual page at http://secure.new.tld with a message and a link to https://secure.new.tld .