My site on openshift works with http and https prefix. Does it mean that https is allready set up properly so I do not need any additional steps to configure it there? Do I need any ssl sertificate for https?
As you mentioned in comments, you are using openshift v2.
Here you can use either custom rhcloud.com subdomain or use your own domain name.
All applications URL under rhcloud.com (say, example-username.rhcloud.com) use a shared SSL certificate. So, If you use rhcloud.com subdomain, you don't need to configure anything. They automatically provide *.rhcloud.com wildcard certificate.
To use HTTPS for your custom domain name (say, www.example.com) or alias, you need to upload your own certificate. To upload custom SSL certificate, You need to subscribe to a Premium plan. Free plan does not allow custom SSL certificate.
You can read more about how to set up custom domain, alias or SSL certificate, here. The previous documentation link is valid only for openshift v2.
Related
I am using Jelastic Let's Encrypt add-on to configure SSL for my Jelastic environments. Everything works fine for a single domain or manual addition of subdomains. But while adding wildcard domain such as *.test.app, it doesn't accept this value and doesn't allow me to configure.
I have a domain from Porkbun which provides a Let's Encrypt SSL bundle that supports wildcard SSL out of the box but why can't I do the same thing in Jelastic? I have an app which needs to have subdomains created on the fly and adding new subdomain each time and updating the SSL is definitely not the efficient way. Is there any way I can add wildcard domains too?
From my research I'm not getting an answer after referencing:
Custom SSL doesn't show when using CloudFlare
How to append SSL Origin Certificate with CloudFlare's Root Certificate?
Assets not loaded when using CloudFlare SSL
Cloudflare SSL issue: Request origin does not match request base_url
CloudFlare SSL refused on HTTP access
Wildcard SSL Certificates, Custom Domain Names, and Cloudflare
In my domain register I point my domain nameservers to Cloudflare and under Cloudflare's Crypto set SSL to Full. When I add the URL under Client ID for web application -> Restrictions -> Authorized JavaScript origins and Authorized redirect URIs should I be using HTTP, HTTPS, or both?
My understanding Cloudflare's SSL is a shared SSL and not a dedicated SSL. From Google's documentation I am unaware or able to find when using the Google Login API if the API will work successfully using a shared SSL.
The app is a web application written in Node using Google's Login API and hosted with a custom domain on Heroku. I am able to get the application to work locally and with Heroku's generated URL but I'd like to also implement Cloudflare I'm just unsure what is the correct way to use a shared SSL.
So to sum up, if I own the domain foobar.com in Google's Restrictions should I be using:
http://foobar.com
http://www.foobar.com
or
https://foobar.com
https://www.foobar.com
if the SSL is a shared SSL from Cloudflare?
It depends how do you want to expose your domain to users. Both protocols http/https can be allowed.
However you are trying to use "Google's Login API" = probably Open ID Connect client (SAML client is different), which needs encryption -> so actually, you need to allow only https protocol and then you will have safe configuration.
Say, for example, I have an Azure web app named MyApp and is hosted on Azure as MyApp.azurewebsites.net. It's my understanding that there is nothing I need to do to secure the URL with SSL, as it's done, by default, with a single certificate. So I can already have my users access the app via https://MyApp.azurewebsites.net, and it will be secure right out of the box.
However, say I have another URL named www.MyApp.com that I want to point (redirect) to https://MyApp.azurewebsite.net. Do I have to secure www.MyApp.com with a certificate?
Do I have to secure www.MyApp.com with a certificate?
Yes, we could get more detail info from the official document .
To secure your custom domain name with HTTPS, you bind a custom SSL certificate to that custom domain in Azure.
Before binding a custom certificate, we need to do the following:
Configure the custom domain - App Service only allows adding a certificate for a domain name that's already configured in your app. For instructions, see Map a custom domain name to an Azure app.
Scale up to Basic tier or higher App Service plans in lower pricing tiers don't support custom SSL certificates. For instructions, see Scale up an app in Azure.
Get an SSL certificate - If you do not already have one, you need to get one from a trusted certificate authority (CA).
Yes, if you use a custom host name, then you will need to have a certificate for it. There is really no way around this, based on how SSL works.
My main site https://example.com has an SSL cert, no problem.
Now, I have developped a related application, that is hosted on a completely different server, and under : app.example.com. It has a dedicated IP.
The app uses websockets and needs SSL to function properly acros all devices. But I'm having trouble finding out how to register a new certificate for a subdomain... What's the strategy here? Should I have a wildcard cert on the main server, and somehow redirect from there? In that case, the app server wouldn't have access to the cert, and I wouldn't be able to create my secure socket connection, right?
The certificate has to be installed where the server which provides content using this certificate. This means
That the certificate for the subdomain has to be used on all servers which serve the subdomain, i.e. your websocket server.
And nowhere else, i.e. it is not needed at the main domain just to provide a redirect from the main domain away.
You are free to use any certificate which matches the subdomain, that is it can be a wildcard certificate but can also be specific for only this domain.
You can go for a wild card certificate and bind it to all the URL's who share the same domain. But keep in mind, the wildcard certificates (irrespective of any brands) supports unlimited first level sub domains .
Wild card certificates can be installed on any server where the FQDN is hosted. In situations where the the sub domains are hosted on multiple servers, the wildcard certificate will work for all of them.
I am new to SSL concept. I am having a Rails 3.2 application running on heroku.
Can anyone please clarify me about the following things:
If I am having a heroku application "http://example.herokuapp.com", can I add SSL certificate to it without having any own domain (like www.example.com). If so, could you please provide a reference url to that process.
If the above thing is possible, in future if I own a domain (like www.example.com), can I add the same SSL certificate to that domain. Or I need to have a new SSL certificate for it. Or pointing secured (https) url of that application to the new domain (like www.example.com) is sufficient?
Thanks in advance.
Regards,
K. Subrahmanyam
You don't have to buy or add anything to use SSL and HTTPS on the .herokuapp.com subdomain, it comes with piggyback-SSL for free out of the box. I.e.: https://example.herokuapp.com/
If you add a custom domain and want SSL on that, you also have to buy a certificate for the domain and add the relevant add-on. That's documented on Dev Center.