I have recently installed ssl certificate through CloudFlare. I'm getting https but not getting padlock. I tried using really simple ssl WordPress plugin but I could not help mixed content.
My website URL: https://claimstock.com
Looking at the developer console of Chrome clearly shows the problems:
Mixed Content: ... requested an insecure image 'http://35.232.70.59/wp-content/uploads/2018/11/construction-image38-2-free-img.jpg'
This means that your site includes resources loaded with plain http:// even though the site is served with https://.
Failed to load resource: net::ERR_CERT_AUTHORITY_INVALID ... 35.232.70.59/wp-content/uploads/2018/11/911-2.jpg:1
This mean your site tries to download resources via https:// from 35.232.70.59. But the certificate for 35.232.70.59 is a self-signed certificate for www.example.com. A self-signed certificate can not be trusted and apart from that the name of the certificate does not match the name in the URL.
Related
I have a website for my podcast built with Python / Django that is hosted on Heroku: https://dinpodcast.herokuapp.com/
I have a custom domain parked on GoDaddy, dinpodcast.com, that has a www CNAME directing to my heroku application. This works just fine: https://www.dinpoddcast.com
I wanted dinpodcast.com to redirect to the www website, so I have the following domain forwarding set up on Godaddy:
This also works great, for the most part. Now, when I enter http://dinpodcast.com, or just dinpodcast.com, both will redirect to https://www.dinpodcast.com.
Here's the problem. When I enter the naked domain WITH HTTPS, so when I enter https://dinpodcast.com into a browser's address bar, I get the following response:
Here's what I THINK is happening. My SSL certificate is provided by Heroku under their Automated Certificate Management program. So, I assume that since I don't have an SSL certificate with GoDaddy, it's timing out trying to find one before it can redirect to my www subdomain. Would this be correct? If so, is there any way around this WITHOUT buying an SSL certificate with GoDaddy? If that's not what's happening, then what is and how do I fix it?
When you create an ssl certificate in your domain do you include your root domain? Tried using this tool in your root domain and it seems that there is no ssl certificate. However the subdomain https://dinpodcast.herokuapp.com/ has one. I suggest putting an ssl certificate in all subdomain and root domain that you are using.
I also checked the root domain’s IP address using this tool and checked port 443 using another tool and apparently the port is closed. Double check your firewall and make sure 443 is open.
Im using hostgator as my host.They do not provide free ssl certificate.So im using cloudflare free ssl certificate for my site.SSL certificate working everywhere except Cpanel.
I tried manually adding ssl through cpanel option.But not really working!Is there any way i can add it there?
Or it will be really good if my cpnael url cpanel.site.com won't just show up to that address.
If you want to use the CloudFlare SSL certificate then there is no need to add that SSL certificate to yoru cpanel nor to your site. Read the cloudflare documentation in order to see how to create and use Page Rules and their SSL certificate. cPanel has nothing to do with it. CF works just fine with cPanel/WHM and pretty much with any other related hosting panel. Your site can be http only in cPnel and then you do the HTTPS redirection from Clouflare using their Flexible SSL and page rules
cpanel.yourdomain.com ssl is related to server side. If your host allow autossl with Let's Encrypt (for example) then it will install ssl for all your necessary subdomains like webmail, cpanel, mail, www etc. If you are installing ssl manually, then you cannot install it for cpanel subdomain. However if you want to use cpanel securely and have enabled ssl with yourdomain.com the you can use it:
https://yourdomain.com:2083
Trying to get
https://example.com
To not refuse the connection, to show my website, and to redirect to:
https://www.example.com
Without having to switch my DNS hosting to DNSimple or adding another service provider.
My domain was purchased on GoDaddy. DNS is on GoDaddy as well, set up as shown below.
My app is hosted on Heroku, using a Let's Encrypt certificate, that I installed following this answer.
Currently using Helmet+express-enforces-ssl to force hsts.
I have read the following info:
Heroku SSL on root domain ; Heroku SSL Endpoints ; The Limitations of DNS A-Records
The last of which states:
(...) applications requiring SSL encryption should use the
ALIAS/ANAME configuration on the root domain. Subdomain redirection
will cause a browser error when the root domain is requested over SSL
(i.e. https://example.com).
Which seems to be my problem (?).
How do I set this up on GoDaddy?
Just upgraded to Mamp Pro 3.5 from simple MAMP and all worked great till I added a self signed cert.
My document root for my local.mysite.com was set to htdocs/html/magento
Site works fine using http.
When I add the self signed ssl the site now only works correctly at https pages. If I try to go to any page without https such as http://local.mysite.com/store I get this in the apache log:
File does not exist: /Applications/MAMP/htdocs/store
If I uncheck the ssl the http urls all work again.
Did I miss something in the set up?
Thanks
It's far from obvious, but you can actually add a second host with the exact same domain name (local.mysite.com in your case) but this time leave SSL disabled on the SSL tab.
You'll therefore have two hosts, both for local.mysite.com. One is for https and the other for http.
I have tested my self-signed SSL certificate for https site.
when I access my https site such as https://example.com on my computer, Chrome
browers will give me SSL warning about un-trusted site something like that
and I follow instuction from a link, the warning
is gone. But why it always has red-cross and read-slash mark around https at address bar
even I 've saved and put my self-signed SSL cert into the trusted vendor folder on Chrome
browser as a trusted cert only on my computer.
Whether must I buy third-party SSL cert to get rid of those red mark ? That is only method?