i make website and use IIS web server
now site run with this 2 address
http://panel.example.com and
i can set Arecord for use HTTP with many custom domain name like this
panel.customdomain.com => a record => serverip(x.x.x.x)
http://panel.customdomain.com work just fine but show error this is not valid in browser(Your connection is not private)
is there any way to use many custom domain with HTTPS address ?
i have some reseller and i dont have fixed list for new domains.
If you have full control of your server you can use Let's Encrypt to get ssl certificate for every domain
OR you can use cloudflare.com and get a free certificate
Hope it helps
Related
I recently bought a domain name at OVH for an app I hosted on Heroku. I then paid for the dynos in order to set an automatic SSL certificate.
Everything seems to me working fine:
Domain Status Last Updated
─────────── ─────────── ────────────
mpjrigot.eu Cert issued 2 minutes
mpjrigot.fr Cert issued 2 minutes
But my URL is still in HTTP. What am I missing?
EDIT
I'm using React.js for this app
I also have a Ruby on Rails back but for nom i'm keeping that on the heroku.app, works fine
2nd EDIT
Using react-https-redirect, force-https or react-ssl-redirect...
Basically, chrome tells me that "this is not a safe space", and that this is a fake https that might want to steal the user's passwords and stuff
So I got an SSL that is set on my HerokuApp,
I got a domain on OVH that points to the IP of the app
But the http isn't secure somehow
I really think I missed something obvious as I'm new to this...
You can add HTTPS to your app with the following methods.
Method1 (Recommended)
Since, you're using rails for the backend, you can configure your rails app to always use HTTPS.
in your production.rb add
config.force_ssl = true
More Info: https://help.heroku.com/J2R1S4T8/can-heroku-force-an-application-to-use-ssl-tls
ActionDispatch SSL: https://api.rubyonrails.org/v6.1.4/classes/ActionDispatch/SSL.html
Method2 (Easy Setup)
You can also signup for cloudflare's free plan and easily setup https redirects with cloudflare's 'Always Use HTTPS' or 'Automatic HTTPS Rewrites' feature.
The 'Always Use HTTPS' feature will redirect all http requests on your site to https address.
The 'Automatic HTTP Rewrites' feature will change the HTTP links on your site to HTTPS links.
More Info here:
Always use HTTPS: https://blog.cloudflare.com/how-to-make-your-site-https-only
Automatic HTTPS: https://www.cloudflare.com/website-optimization/automatic-https-rewrite/
Cloudflare's SSL: https://www.cloudflare.com/ssl/
cloudflare dashboard
What am I missing?
Heroku provides a certificate, so you should be able to access your application using https://. However it does not redirect HTTP requests to HTTPS for you:
Redirects need to be performed at the application level as the Heroku router does not provide this functionality. You should code the redirect logic into your application.
Exactly how you do that depends on the language and libraries or framework that you are using. Several common examples are listed in the link I provided above.
If you edit your question to tell us what technology you have used to build your application I'll be happy to add those details to this answer. In case you are using Scala, please see How to disable HTTP requests on Heroku and/or auto-redirect to HTTPS?
solution
I eventually read about Heroku needing a specific host that takes in the address they tell you to point to when setting a domain name...
So I switched to Gandi for my domain name and set the ALIAS to point to said adress
Works like a charm
I have purchased a domain name successfully on google domains. I have the website and server deployed on Heroku, which has provided us with a DNS target and a positive ACM status. When navigating to the site by clicking the link provided by the google search, SSL is not active. However, typing into the address bar "https" will cause it to use SSL as will just typing [domain-name].ca, BUT typing "http", it will not use SSL. Why is google defaulting to the non-SSL version?
I have set up the synthetic record:
#.[domain-name] -> https://www.[domain-name].ca
on google domains
Shouldn't this forward every request to https?
I do not have any http calls in my code.
Depending on what enviornment you are using, you need to enable force ssl config.
Rails
Use config.force_ssl = true in your config/environments/production.rb or similar.
Node (Express.js)
Use a package to set this up for your app. Some options can be found here: https://www.npmjs.com/search?q=express+ssl
PHP
You can add directives to the .htaccess file at the root of your project to do this. See this SO post for an example https://stackoverflow.com/a/34065445
Django
Set SECURE_SSL_REDIRECT to True.
Flask
You can use https://github.com/kennethreitz/flask-sslify to handle this for you.
I am trying to achieve URL redirection i want to know different possibilities to achieve this.
Scenario: I have created sharepoint web application(2013, host header site collection) with Annonymous access enabled and NTLM(windows authentication enabled--- Both are enabled). I have bind this site to certificate also and its working as expected if i browse the site with https://test.com
but if i just browse the site with http://test.com its asking me for user name and password. This i want to avoid even if i try to access http my requirement is it should redirect to https.
I have entered username and password and returns 200 http status.
I know there are options we can achieve this
1) IIS redirect
2) Through custom code snippet (C#/Javascript)
But apart from this is there any way we can achieve this like load balance or DNS etc
Your guidence will be really help full.
Regards
Sri
I think you can achieve this by addin an AAM (Alternate Access Mapping) setting in a sharepoint site.
Try to convert an Https request to the http in that. I haven't tried it myself so I am not sure if this will work or not, but there are some examples of a reverse which you want.
For your reference this is a link to make it for http to https
https://sharepoint.stackexchange.com/questions/64484/http-to-https-redirection-using-aam
Let me know the outcome.
I have my DNS settings as shown in the image
DNS Setting along with an additional CNAME with host www and value as my GitHub page. Next I setup a CNAME entry in my GitHub page with an apex entry to my domain. The issue I face is that whenever I visit my domain with an https protocol, it shows a warning that the connection is not secure. I get the following in Chrome:
NET::ERR_CERT_COMMON_NAME_INVALID
How do I fix this? I have both https and http access for my domain.
UPDATE: Github introduced custom domain support for HTTPS on May 1, 2018.
If you are using GoDaddy and want to upgrade to HTTPS, do the following:
Go to DNS settings for your site in your GoDaddy account.
Remove all existing A records.
Open a terminal and do dig +noall +answer <YOUR-USERNAME>.github.io. You should see a table listing 4 slightly different IP addresses:
On GoDaddy, create 4 new A records, each one pointing to one of the IPs. For host use # and set the TTL to a low user-defined value (if you are in a hurry).
Go to your page repository settings on Github, and clear the custom domain name and save. Wait a while (minutes).
When executing dig +noall +answer <YOUR-CUSTOM-DOMAIN> yields the 4 IP addresses that you entered in the A records, go back to the Github repository settings and re-enter and save your custom domain name (which you just cleared) in the custom domain cell.
Optionally, check the box Enforce HTTPS. But make sure that https://<YOUR-DOMAIN>is responsive first.
Make sure you have a CNAME record in your DNS settings also. Host should be www and it should point to your <YOUR-USERNAME>.github.io.
Make sure there is a file in your website repository named CNAME containing the name of your custom domain (in my case ulfaslak.com).
Reference
EDIT: Please see answer below by Arturo Herrero: https://stackoverflow.com/a/50203412/462015
GitHub pages does not support HTTPS for custom domains.
The only work around for doing so is to use an SSL provider as the middle man, such as Cloudflare. However, this would involve pointing your DNS name servers at Cloudflare's, which takes some time and complicates things.
If you want HTTPS support using GitHub pages you'll have to use GitHub's provided URL instead of your custom domain.
Another great option for static sites if you want custom domain name HTTPS is Amazon Web Services. You could set up an S3 bucket for your static website, configure CloudFront to distribute the static content, point your domain name at the CloudFront distribution, and use a free SSL certificate from Amazon's cert manager. This option comes out to less than $1/Month with a low-traffic website. A great in depth tutorial for that would be here.
I hope this answered your question! GitHub pages is a great hosting option, and it's not the end of the world if you decide to forget about HTTPS.
Custom domains on GitHub Pages gain support for HTTPS since May 01, 2018
https://blog.github.com/2018-05-01-github-pages-custom-domains-https/
I have a wildcard certificate for our domain. *.domain.com
We host multiple sites on our one server using host headers with subdomains. In this specific case lets use site1.domain.com the site has a https binding on the hostname with the wildcard ssl cert.
for marketing reasons we want to rename the sites URL / Name. for example awesomewebsite.com
But for hosting and ssl certificate reasons we cant simply change the host headers on the site.
So my question. Is there a way for me to make awesomewebsite.com an alias tohttps://site1.domain.com so that the user can operate and use the site as if it was hosted at awesomewebsite.com and for security reasons all requests are actually sent to https://site1.domain.com
I have both the domains with 'dyndns.org' I know they offer some added services. Not sure if that will be of any user to me?
Also if I can obtain this are there any security concerns or other issues which might be introduced.
When using webhop feature in dyndns.org i get the following error:
Refused to display 'https://site1.domain.com/Account/Login?ReturnUrl=%2F' in a frame because it set 'X-Frame-Options' to 'SAMEORIGIN'
So my question. Is there a way for me to make awesomewebsite.com an alias tohttps://site1.domain.com so that the user can operate and use the site as if it was hosted at awesomewebsite.com and for security reasons all requests are actually sent to https://site1.domain.com
The validation of the contents of the certificate is done against the name in the URL, which means that your certificate must contain the alias name too.
Never answered properly.
For whom who ends up here during a search:
What you need is a certificate (requested) with alternative names, meaning it contains all the variances you desire of FQDN/DNS names. They do not need to match or belong to the same domain. Also ideal for external name and system internal names (e.g. www.mystuff.com, host123.myhost.com):
https://www.digicert.com/subject-alternative-name.htm