SSL certificate is not working for subdomain with www - ssl

We are running our website on IIS. In the domain settings, example.com and www.example.com are pointing to the same IP address.
The website works fine for https://example.com and https://www.example.com and https://stage.example.com
but for:
https://www.stage.example.com
We are getting a Not Secure error.
Is it related to how the SSL certificate is set up?
Added http & https bindings in IIS for both stage.example.com and www.stage.example.com

If you have a non-www and fully-qualified domain name of the same domain, a single domain (standard) SSL certificate would be enough to cover both. However, if you have multiple subdomains that you need to cover, then you need a wildcard SSL certificate.
For example:
Scenario 1: If you want to secure only two versions of your domains — domain.com and www.domain.com — a single domain SSL would be fine.
Scenario 2: If you want to secure the first level of subdomains (other than www.domain.com) — such as mail.domain.com or test.domain.com — a single domain SSL will not be enough. You must buy a wildcard SSL certificate.
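
The name-matching rule behind the error in the question, as an added example that is not part of the original answer: a wildcard entry stands for exactly one DNS label, so *.example.com covers stage.example.com but not www.stage.example.com. The SAN lists below are assumptions (the page does not show the certificate); the hostnames are the ones from the question.

```python
"""Which HTTPS hostnames does a certificate's SAN list actually cover?"""

def _labels(name):
    # DNS names compare case-insensitively; ignore a trailing root dot.
    return name.lower().rstrip(".").split(".")

def san_matches(pattern, hostname):
    """RFC 6125-style match of one dNSName SAN entry against a hostname."""
    p, h = _labels(pattern), _labels(hostname)
    if len(p) != len(h):
        # A wildcard stands for exactly one label, so the depth must be equal.
        return False
    if p[0] == "*":
        # Wildcard is honoured only as the complete leftmost label; this
        # sketch also refuses two-label patterns such as "*.com".
        return len(p) > 2 and p[1:] == h[1:] and h[0] != ""
    # Partial wildcards ("w*.example.com") are not honoured.
    return "*" not in pattern and p == h

def covered_by(sans, hostname):
    """Return the SAN entries that match hostname (empty list = name mismatch)."""
    return [s for s in sans if san_matches(s, hostname)]

def report(sans, hostnames):
    """Map each hostname to True/False: would the certificate validate for it?"""
    return {h: bool(covered_by(sans, h)) for h in hostnames}

# Constructed sample data: the SAN lists are assumptions, the hostnames
# are the four URLs from the question.
HOSTS = ["example.com", "www.example.com",
         "stage.example.com", "www.stage.example.com"]
WILDCARD_CERT = ["example.com", "*.example.com"]
FIXED_CERT = WILDCARD_CERT + ["*.stage.example.com"]

if __name__ == "__main__":
    for label, sans in (("wildcard", WILDCARD_CERT), ("with *.stage", FIXED_CERT)):
        print(label, sans)
        for host, ok in report(sans, HOSTS).items():
            print(f"  {'ok      ' if ok else 'MISMATCH'} https://{host}")
```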

Related

Why won't my https://domain forward to www?

I have a website for my podcast built with Python / Django that is hosted on Heroku: https://dinpodcast.herokuapp.com/
I have a custom domain parked on GoDaddy, dinpodcast.com, that has a www CNAME directing to my Heroku application. This works just fine: https://www.dinpoddcast.com
I wanted dinpodcast.com to redirect to the www website, so I have the following domain forwarding set up on GoDaddy:
This also works great, for the most part. Now, when I enter http://dinpodcast.com, or just dinpodcast.com, both will redirect to https://www.dinpodcast.com.
Here's the problem. When I enter the naked domain WITH HTTPS, so when I enter https://dinpodcast.com into a browser's address bar, I get the following response:
Here's what I THINK is happening. My SSL certificate is provided by Heroku under their Automated Certificate Management program. So, I assume that since I don't have an SSL certificate with GoDaddy, it's timing out trying to find one before it can redirect to my www subdomain. Would this be correct? If so, is there any way around this WITHOUT buying an SSL certificate with GoDaddy? If that's not what's happening, then what is and how do I fix it?

When you create an SSL certificate for your domain, do you include your root domain? I tried using this tool on your root domain and it seems that there is no SSL certificate. However, the subdomain https://dinpodcast.herokuapp.com/ has one. I suggest putting an SSL certificate on every subdomain and root domain that you are using.
I also checked the root domain’s IP address using this tool and checked port 443 using another tool, and apparently the port is closed. Double-check your firewall and make sure 443 is open.

Wildcard SSL on ACM but doesn't work on subdomains

*.example.com, example.com, www.example.com - SSL - Issued by Amazon.
SSL installed and set up with ELB. Accessing the domain via example.com and www.example.com works with SSL perfectly. Yet when any subdomain (Subdomain.example.com) is accessed, SSL fails.
Subdomains are generated via a route.php script. Subdomains are dynamic.
Forcing SSL doesn't work. Tried other methods via .htaccess and it's failing.
Does ELB work with wildcard SSL? How do I fix this problem?
Thanks

I found the solution.
Add *.example.com to the ELB with an A record alias in Route 53.

Forwarding https://example.com to https://www.example.com

Trying to get
https://example.com
To not refuse the connection, to show my website, and to redirect to:
https://www.example.com
Without having to switch my DNS hosting to DNSimple or adding another service provider.
My domain was purchased on GoDaddy. DNS is on GoDaddy as well, set up as shown below.
My app is hosted on Heroku, using a Let's Encrypt certificate, that I installed following this answer.
Currently using Helmet+express-enforces-ssl to force HSTS.
I have read the following info:
Heroku SSL on root domain; Heroku SSL Endpoints; The Limitations of DNS A-Records
The last of which states:
(...) applications requiring SSL encryption should use the
ALIAS/ANAME configuration on the root domain. Subdomain redirection
will cause a browser error when the root domain is requested over SSL
(i.e. https://example.com).
Which seems to be my problem (?).
How do I set this up on GoDaddy?

Multiple Domains SEO SSL Redirect Avoiding Loop Errors

I have 4 domains in my server:
domain1.com
domain2.net
domain3.com
domain4.net
The primary, SSL-enabled one is: domain1.com
I tried an SEO permanent 301 redirection of all of them to https://www.domain1.com and it works fine; the problem is that when someone tries to access any secondary domain prefixed with https, the redirection doesn't work.
Example: domain2.net (or any other of those with the https prefix) will not redirect to https://www.domain1.com and gets an SSL certificate error.
I believe this is because an SSL request uses a different port, 443, and all the Rewrite Rules I made are just for port 80.
Please help!

You get the SSL certificate error because the certificate does not match the name of the accessed server. Any redirects will only be done after establishing the SSL connection, which means you need to have a valid certificate for each domain you want to redirect from.

SSL for Wildcard Sub-Domains

I am trying to set up a wildcard sub-domain. My domain is www.mydomain.com, so anything that comes in like test.mydomain.com or welcome.mydomain.com will work; that is fine.
When it comes to SSL, if I buy SSL for www.mydomain.com, will that same SSL certificate work for test.mydomain.com, welcome.mydomain.com? They are not real sub-domains, just virtual.
If not, do I need to buy a wildcard SSL?
Technically, I think all the wildcard sub-domains will point to the same root folder and IP. From there, using my code, I will deliver different content. In that case my SSL certificate for www.mydomain.com will also work for test.mydomain.com, right? I am not sure.
Any guess?

The NAME in the SSL certificate must exactly match the domain name of the site. You need a wildcard certificate. A non-wildcard one will produce a wrong-site warning.