How to redirect https to http without any SSL Certificate

There is really no way to do that: HTTPS relies on the SSL certificate being present and the SSL negotiation ocurring BEFORE any data is sent to the server. Therefore if there is no SSL cert then it won't even get to the point where you can send a redirect (as you are observing).

I'd suggest just buying the cheapest cert you can: GoDaddy has specials for $12.99 that I've used quite effectively for just this purpose (Facebook app SSL pages) and that you can have bought and ready in 15 minutes.

EDIT: Just use Lets Encrypt, as @xbakesx states in his comment. Completely free, no delay, accepted pretty much everywhere.


I found a nice solution today to have pages with HTTPS without having a certificate.

You can use cloudflare SSL: Flexible. This way the SSL will be between client and cloudflare server, and between cloudflare and your server will not be secure.

This option is only if you don't have sensitive data because the connection betweeen server and cloudflare is not encrypted

This is how it looks:

enter image description here

Check here more: https://support.cloudflare.com/hc/en-us/articles/200170416-What-do-the-SSL-options-mean-


As an addition to Femi's comment, all Facebook Apps and Pages must support SSL from October 1st so one must prepare for it anyways.

Re: https://developers.facebook.com/blog/post/499/


If you can't prevent the initial connect from happening with HTTPS, then you (and your server) are never part of the conversation. The only two options are 1) get an SSL certificate (they are cheap), or 2) somehow get the connection to happen over HTTP.