I'm new to web development and finally been able to create something and show to the world. I have the domain with godaddy, hosted webapp with heroku and using cloudflare SSL certificates. Trying to be cheap as dont want to spend money until I find some traffic to the website.
Chrome and Firefox warn that website is not safe when I type
www.mywebsite.com
however When I type
https://www.mywebsite.com
they work fine. Interestingly I also tested website on opera and it does not warn me at all and successfully show the valid certificates. Can anyone please help?
That is just showing you that you are accessing the site not in SSL (https). You should put in an automatic redirect to avoid people seeing that.
Related
On Windows10 I have an internal website on iis, which I access through a url https://localhost:44300.
Currently I have the security messages come up when I first load the url and I have the broken padlock.
Unfortunately the network I'm on blocks security certificate warnings and I can't get to my site.
Is it possible to buy an SSL certificate for an internal site?
At the moment I'm using mkcert to be my own CA, but I'm told this is not suitable for a production site.
Thanks Ian.
I've got a heroku free plan, which is running on a custom domain with the PointDNS add-on so it can provide nameservers for DNS provider, if that matters.
I've got the website up and running on my custom domain, on https, but the ssl certificate points to *.herokuapp.com.
I suppose I need another SSL certificate for my custom domain, but after looking around for a long while I still couldn't find anything that doesn't require a paid heroku plan.
Is it even possible to add an ssl certificate, on a free heroku plan, on a custom domain? If so, please help me out.
I'm really over my head here and my knowledge about anything-ssl or dns is very limited.
From the PointDNS add-on doc (https://devcenter.heroku.com/articles/pointdns), I don't see how you can do this easily.
But, if you have purchased the domain (and not ddns), this should be pretty easy with cloudflare.
Setting up a Custom Domain name and FREE SSL certificate for Heroku Apps
Add DNS record to point to your site and redirect to heroku.
Enable the Crypto certificate, after this the certificate will be automatically distributed by Cloudflare.
I'm trying to set up https connection in one of my API.
I normally make requests to my API through this address: http://vps234602.ovh.net:8090
I'd like to be able to make https requests.
I tried to make a redirection in OVH panel, from api.uphair.fr to http://vps234602.ovh.net:8090.
Then I used the zerossl certificate wizard to build the certificate.
In the "domains" field, I typed
www.api.uphair.fr api.uphair.fr
Then I builded the certificate and the DNS verification went well (I was able to add new TXT entries in my DNS zone according to what zerossl was asking).
Then I followed the steps to add this certificate in IIS for my API.
When I'm trying to connect to https://api.uphair.fr the redirection is good but I got the error:
:ERR_CERT_COMMON_NAME_INVALID
I did this for another site in IIS, https://partenaires.uphair.fr and it works well.
Does Anybody know what I'm missing here ? Do I just have to wait for the DNS propagation ?
Thanks for your help.
This appears to be a cPanel problem. The good folks at name.com use cPanel. Hosting at name.com for my site is a problem in that when someone accesses my site with https the SSL certificate from another site is sent by the server. cPanel docs seem to imply what I'm describing is a known problem. http requests are fine. Short of implementing SSL for my site, are there recommended ways to set up my site?
This issue is coming because you dont have private SSL for your domain, so install a SSL for domain.
You can get a free SSL from these 2 site:
https://www.startssl.com/
https://letsencrypt.org/
and request your hosting provider to install a SSL after that your website will on both http:// and https://
I have two sites setup on an apache webserver, both are on HTTPS. The certificates are properly installed and they work on almost all browsers, but on some IE versions I get a certificate error message when I open the A site, and the certificate info shows the domain name of the B site. I checked both urls with different SSL checkers and they seem to be fine. Also other browsers show the correct certificate.
Does anybody have any idea?
Thanks.