I've just created a space on the Digital Ocean cloud.
To enable CDN, it asks for an SSL.
My domain manager is Cloudflare.
I've created a CNAME on the Cloudflare DNS settings page.
Then created an origin server SSL certificate and added those keys to the Digital Ocean subdomain settings page.
But I'm getting this error when I'm visiting the URL.
ERR_SSL_VERSION_OR_CIPHER_MISMATCH
How can I fix this issue?
Use SSL certificate for your original domain then it will work. Don't use a certificate generated by Cloudflare, because that is for something else that Cloudflare side use for to enable strict policy in their side.
Submitting the CNAME in App Platform before adding the record in the DO networking tab causes App Platform to register the domain with CloudFlare before it exists. There is a 30 minute TTL on this record then your domain will start working.
However, as a workaround you can remove the custom domain, let your app deploy, then re-add the custom domain and it should start working almost instantly.
Related
I'm using Surge.sh to deploy a simple react app to a custom domain i bought from GoDaddy.com.
I've followed the instructions regarding custom domains on their site and get a confirmation that my site was deployed successfully:
https://surge.sh/help/adding-a-custom-domain
On GoDaddy I've configured the CNAME and A types to point to Surge:
However when I open up the domain at https://codatheory.dev/ I receive an error message with error code: SSL_ERROR_BAD_CERT_DOMAIN
I'm quite new to hosting sites on custom domains, so I'm sure I've misunderstood something. The certificate registered on the site is provided by surge.sh.
What configuration steps can I take to resolve this issue? Do I need to create a new certificate to be signed by a CA in order to use this domain, or have I missed something in my deployment?
Thanks!
SSl with surge comes out of the box with *.surge.sh domains. For these domains you can force a redirect of http to https. However, for custom domains surge does not offer SSL as stated explicitly here and they mentioned that it is a feature of surge plus. To answer your Q, yes you could generate a certificate using some provider (e.g. https://letsencrypt.org/) and add it to surge but that would be within the frame of surge plus (not the free tier anymore).
I would try if I were you maybe s3 with cloudfront? it does not cost that much if the traffic is not that high.
There are two domain names:
1.one long (example: MaryJaneFamily.com)
2.one short (MaryJane.com).
The 301 redirect works correctly from EXISTING links from various web sites (from when the site had no ssl).
The redirect domain name appears but gives a "insecure site" warning and it appears as https://MaryJane.com.
The primary domain name does not show up in google listings at all.
I have validated the full domain name with google and provided a new sitemap to google.
The sitemap submission is not showing any errors. DNS for primary domain name shows it is fully propagated.
The link that appears in google is not the primary domain but the forwarded domain name with an "s" added to the http - selecting that link brings to you a "insecure site" warning screen.
What am I doing wrong?
It appear that your SSL certificat is maybe not valid or generated and auto-signed by your server. You have to use a SSL certificate certified by high autority trusted domain. A lot of hosting services can sell you a validated and trusted SSL certificate, or some companies like CloudFlare can give you for free (with some other protections and services like CDN, DDoS protect, firewall...etc).
If you want to do it yourself, you can use Let's encrypt to make your own trusted certificate (remember that you will have to renew this all 3 months but you can easily automate it).
Well, you can read this guide to know more about SSL certificates and which you sould use.
I hope it will help.
Is there a "return 301" for forced SSL in your sites config? If you don't force SSL then you will receive both secure and insecure ports.
I have a Heroku app and am using a custom subdomain to point to it. Let's say my subdomain is blog.mysite.com.
When I navigate to the site, chrome throws the error: ERR_SSL_PROTOCOL_ERROR. In the address bar, it automatically reroutes to https://blog.mysite.com. Is this the issue? Why is it not just http://blog.mysite.com?
My domain is through bluehost if that matters.
If you are running a free dyno, you will not get TLS support on your custom subdomain. Upgrade it to at least the "Hobby" tier and it will provision a free certificate to match your custom subdomain.
As for why it automatically reroutes, that's something happening within your application or custom process configuration. Heroku doesn't automatically re-route from http to https.
For me, I'd neglected to set up Automated Certificate Management in Heroku. Enabling this fixed the problem.
I'm trying to set up https connection in one of my API.
I normally make requests to my API through this address: http://vps234602.ovh.net:8090
I'd like to be able to make https requests.
I tried to make a redirection in OVH panel, from api.uphair.fr to http://vps234602.ovh.net:8090.
Then I used the zerossl certificate wizard to build the certificate.
In the "domains" field, I typed
www.api.uphair.fr api.uphair.fr
Then I builded the certificate and the DNS verification went well (I was able to add new TXT entries in my DNS zone according to what zerossl was asking).
Then I followed the steps to add this certificate in IIS for my API.
When I'm trying to connect to https://api.uphair.fr the redirection is good but I got the error:
:ERR_CERT_COMMON_NAME_INVALID
I did this for another site in IIS, https://partenaires.uphair.fr and it works well.
Does Anybody know what I'm missing here ? Do I just have to wait for the DNS propagation ?
Thanks for your help.
I would like to make my azure web site as https enabled one. As exactly like https://mysite.azurewebsites.net. Though I have uploaded my SSL certificate in certificate section in web site configuration tab its not redirecting automatically. Is there any other settings I have to enable?
Appreciate your help.
So to clarify the sequence of steps:
After you configure your custom domain properly, then h_ttp://customdomain.com will point to mysite.azurewebsites.net.
After you bind an SSL certificate to a custom domain in a web app, then h_ttps://customdomain.com will point to mysite.azurewebsites.net, using the bound SSL cert. If you still can't access h_ttps://customdomain.com, then you need to check whether you've configured your domain records properly at the domain registrar.
At this point, h_ttp://customdomain.com will continue to work. If you want to enforce HTTPS for your web app, see http://azure.microsoft.com/en-us/documentation/articles/web-sites-configure-ssl-certificate/#bkmk_enforce.