SSL certificate and "www" vs non "www" - ssl

I'm being asked to redirect a website to https once an SSL certificate is installed. It's a wordpress site and this should be very easy, you simply go to settings and change the http to https, and/or install a plugin to manage everything for you and change all of the "http" in your files for "https".
The certifiate came with problems that the host fixed gradually (it wouldn't pass any test on qualys SSL Labs). However for some reason they sent me an e-mail stating that the certificate is made for the "www version of the site". this site didn't have "www" in it's address.
The non "www" version now redirects to the "www" version but I just cannot get a green padlock. Oddly enough, I did get one refreshing the page a few times and when I did it was all messed up. If I check the page source some stylesheet links for example look for the https:// no www version of the page and this is probably the problem right?
Should I just change manually all of the links in the page or ask the host not to create a certificate for a www version of this website when it didn't have that in the first place?
/* EDIT */
I get this in the console before an error for every single url in the page for images and stylesheets, etc.
Redirecting navigation because the server presented a certificate valid for www... but not for "non www version" To disable such redirects launch Chrome with the following flag: ...

Related

Why is my IONOS 1&1 root not redirecting correctly over ssl?

I have a 1&1 IONOS domain for my heroku app. the www subdomain works fine, with a CNAME setup for it. but I'm trying to redirect the root url to the www subdomain. this also works fine for http, but if the url is typed in as https://example.com, I get a ERR_SSL_PROTOCOL_ERROR (on chrome, other browsers have different errors). this is on any device, regardless of clearing cache and history etc.
my heroku logs show it's never reached, so it must be an issue within 1&1.
theres an ssl cert set on the domain with 1and1, as well as heroku's ACM.
any ideas?
To make the four URL variations (http://example.com, http://www.example.com, https://example.com, and https://www.example.com) point to a different SSL hosted site (heroku, cloudfront, etc), you need three things in IONOS:
Under DNS settings, add a CNAME entry for the www subdomain that points to your SSL hosted site (example.herokuapp.com)
Set up an HTTP Redirect under Domain Forwarding to https://www.example.com (don't check the box that states "Also set up for www subdomain")
Make sure you have an SSL wildcard certificate for *.example.com installed and attached to your domain in IONOS
It looks like all you are missing is number 3. After that, the redirect that you have setup should work as expected.
Note: example.com should be replaced by your actual domain in all of the above.

How to handle "non-https" (http) sites in https TYPO3 backend

We run a TYPO3 multidomain system and added https support to our TYPO3 domain [typo3domain]. All other domains still run without https support (http only).
https works perfect for [typo3domain].
Redirect of all non https request to TYPO3 backend (lockSSL) works perfect as well. [typo3domain]/typo3 redirects automatically to https://[typo3domain]/typo3
Now our problem:
If a editor [domain1] edits some content on https://[typo3domain]/typo3 and goes to page -> view page then https://[domain1] is called, but this does not work (invalid certificate), because [domain1] is a non ssl domain.
How can i fix this?
You can set the preview domain in the root page TSconfig of the non-https sites, including the protocol:
TCEMAIN.previewDomain = http://domain1
More on this option can be found here: https://docs.typo3.org/typo3cms/TSconfigReference/PageTsconfig/TceMain.html#previewdomain

How do you force HTTPS with Namecheap and Heroku?

I am working on setting up SSL with Heroku and Namecheap.
On Heroku I currently have the domains:
Domain Name - DNS Target
www.app.domain.io - www.app.domain.io.herokudns.com
www.domain.io - www.domain.io.herokudns.com
On NameCheap I have:
Type - Host - Value
CNAME Record - app - www.app.domain.io.herokudns.com
CNAME Record - www- www.domain.io.herokudns.com
URL Redirect Record - # - https://www.domain.io
CNAME Record - www - https://www.domain.io
What works:
www.domain.io works fine and does not redirect to include https
domain.io just fails to reach a site
https://www.domain.io works great!
https://domain.io fails to reach a site.
http://www.app.domain.io/ fails to reach a site.
https://www.app.domain.io/ fails to reach a site.
http://app.domain.io/ reached the heroku nothing there yet page.
Ideally, all pages should always redirect to include https and www. Any idea what I'm doing wrong?
I fixed the problem. I added redirect records so that if the url was entered with or without www and with or without https it would be redirected to include https and www. This required 4 redirects for the domain.
In addition, the app.domain.io url had not content because I hadn't set something up there yet. I was planning on using the app.domain.io for a new heroku app later on.
Remember to wait long enough and try clearing your cache to see if the issue is resolved.
Edit
In my domain settings under Redirect Domain
Source Url Destination Url
domain.xyz https://www.domain.xyz/
www.domain.xyz https://www.domain.xyz/
The above ensures https is always used.
In my domain advanced DNS settings under Host Records
Type Host Value TTL
CNAME Record www <link from heroku> 30 min
URL Redirect Record # https://www.domain.xyz/ unmasked
URL Redirect Record www https://www.domain.xyz/ unmasked
This is what you need to do on namecheap to work with a heroku app. There is more to do on the heroku side of things.
In Heroku under app settings there is a Domains and certificates section.
You can add your domain there. This will create a DNS Target which is what you put in the <link from heroku> block from above. Heroku will also let you use LetsEncrypt and they will automatically refresh your SSL certificate.
Remember to wait awhile between changes. DNS changes can take up to 24 hours to apply.
For anyone using Heroku, Django, and namecheap that still has a similar problem (i.e. you have a working https website, but http is not automatically routed to https), you also have to set SECURE_SSL_REDIRECT = True in your settings.py file. Making this addition fixed the issue in my case.
This change, in addition to the URL configurations posted in #Programmingjoe's answer, should fix the issue.

Why are http and https protocols pointing at different directories?

I originally had 4 subdomains, and when each was created, they were assigned a subdirectory off my public_html
So
subdomain1 points at public_html/subdirectory1
subdomain2 points at public_html/subdirectory2
subdomain3 points at public_html/subdirectory3
Each had a Wordpress site installed in the appropriate subdirectory
I then purchased a global (wildcard) SSL certifcate, and installed it... so it was for *.mydomain
And then all I had to do is in each Wordpress install, change the site url and home url, in General settings, to be https: subdomain.mydomain instead of http:subdomain.mydomain
Everything worked fine, I had no other changes to make.
Since then, I have added new subdomians, subdomain 4 and subdomain5
Again, each was assigned a subdirectory off public_html
subdomain4 points at public_html/subdirectory4
subdomain5 points at public_html/subdirectory5
Wordpress installed on each.
Each worked OK when the site and home urls were http:
Changing to https: site becomes unobtainable! White screen all the time, no error messages.
I contacted the tech support of my hosting providers, and what we established was that an http: request was targetting the public_html/subdirectory4 (or 5) directory, but that an https: request was targetting public_html ! They said that I had to amend my public_html/.htaccess file to redirect the https requests, on a subdomain by subdomain basis, to the relevant subdirectory.
Apart from this having knock on effects in the code of my sites, some of which is common across all 5, I do not understand why this is necessary. It was not necessary for the original sites that were present when I installed the SSL certificate. There are no entries in either the .htaccess file in public_html or in the .htaccess files of each subdirectory that pertain to http or https access.
There must be something else somewhere that makes the original subdomains work, but not the new ones created SINCE the SSL certificate was installed.
And it is nothing at all to do with Wordpress because I created a new subdomain and subdirectory with nothing but an index.php file echoing "Hello world", and it works if requested through http, not if requested through https:
I need to know anything else that can be making the original subdomains work WITHOUT any alteration to the .htaccess files, and why the new subdomains, created after the SSL certificate was installed, behave differently. And then obviously how to make them behave as the original subdomains do.
Don't know why the Tech Support for my hosting company couldn't tell me this, it was so simple once I looked in the right place.
Logged into WHM, and there's an SSL/TLS tab. Looking under "Manage SSL Hosts", I could see the subdomains that were working correctly had an entry in the table there. Backing out, and going to "Install an SSL Certificate on a Domain", I was able to install the certificate to the new subdomains, and lo and behold, when I returned to "Manage SSL Hosts", the new subdomains were there too.
So, undid all the changes made to the new WP installs, and now working perfectly, in the same manner as the all the other subdomains.
Hope this saves somebody else half the time I wasted!

Contao CMS error with https - 404 error

Morning
I have a domain, www.example.com, which is a Contao 3.1.3 CMS website on Linux Apache.
I have just purchased and installed SSL certificate for the domain.
When I go to https://www.example.com (or https://example.com) all works fine.
when I try one of the other pages on the domain, http://www.example.com/folder/page.html all is fine, but with https://www.example.com/folder/page.html
, I get an error:
The requested URL /folder/page.html was not found on this server.
This does not happen with pages in the admin area, which all appear fine via https
Console log shows:
Failed to load resource: the server responded with a status of 404 (Not Found)
What is the solution to make all pages appear ok under https
I tried this: https://community.contao.org/de/showthread.php?43595-SSL-und-Contao
but it didn't help
I also checked https://www.sslshopper.com/ssl-checker.htm to see if the error is with the ssl certificate, but no problems found there.
Jez D
Problem cannot be on the SSL. From your explanation I would suggest you play around with disabling folder urls and url rewrite in the settings. Then make sure the page exists. I am sure from here you will be able trace down the problem.
Make sure also in the root page, the 'domain' field is on https if its set.
You can restore your folder and url rewrite settings when all is well
The issue was actually with the directives on the virtual server.