How to add SSL with subdomain on different server? - ssl

I have the same issue as this guy: How to add SSL to subdomain that points to a different server?
However, I have no clue how to do this.
I have purchased a Wildcard SSL and set sub.mydomain.com to the IP of the other server using DNS records (A record).
Everything is installed correctly on the main server, however on the sub.mydomain.com the SSL doesn't work.
I'm using Plesk Panel on Ubuntu 14.04
Any idea how I can make it work on the other server?
Thanks!

What error are you getting ?
No matter the subdomain is created on which server if you have certificate and private key you can install ssl on the subdomain

Related

How to install wildcard ssl certificate on apache with subdomains?

I have my main site "domain.com" and a subdomain "apps.domain.com" (with different directories for each site)
I generated a LE wildcard certificate with cerbot but i cant figure out how to use it...
Im trying to get ssl on the domain and subdomain. (im using debian and apache)
I know im supposed to make a ssl config file for the 443 port then another one for port 80. Also i dont understand why apache doesnt read all configuration files (had to put 000 at the start of the file)
I also have several questions, when certificate is installed will the certbot auto renewals still work ? how do i tell apache to auto redirect to https ?

Why won't my https://domain forward to www?

I have a website for my podcast built with Python / Django that is hosted on Heroku: https://dinpodcast.herokuapp.com/
I have a custom domain parked on GoDaddy, dinpodcast.com, that has a www CNAME directing to my heroku application. This works just fine: https://www.dinpoddcast.com
I wanted dinpodcast.com to redirect to the www website, so I have the following domain forwarding set up on Godaddy:
This also works great, for the most part. Now, when I enter http://dinpodcast.com, or just dinpodcast.com, both will redirect to https://www.dinpodcast.com.
Here's the problem. When I enter the naked domain WITH HTTPS, so when I enter https://dinpodcast.com into a browser's address bar, I get the following response:
Here's what I THINK is happening. My SSL certificate is provided by Heroku under their Automated Certificate Management program. So, I assume that since I don't have an SSL certificate with GoDaddy, it's timing out trying to find one before it can redirect to my www subdomain. Would this be correct? If so, is there any way around this WITHOUT buying an SSL certificate with GoDaddy? If that's not what's happening, then what is and how do I fix it?
When you create an ssl certificate in your domain do you include your root domain? Tried using this tool in your root domain and it seems that there is no ssl certificate. However the subdomain https://dinpodcast.herokuapp.com/ has one. I suggest putting an ssl certificate in all subdomain and root domain that you are using.
I also checked the root domain’s IP address using this tool and checked port 443 using another tool and apparently the port is closed. Double check your firewall and make sure 443 is open.

Installing SSL for sub domain which pointing to another server

I have domain www.xyz.com with dedicated IP,SSL for www.xyz.com is already installed and working fine.
now through plesk panel i am able to create 10 sub domains.
I have created one sub domain named subdomain.xyz.com which is pointing to totaly different server.
I want to add SSL certificate for subdomain.xyz.com.
where i have to add SSL certificate, on the the server that sub domain is pointing or i can add SSL for subdomain.xyz.com from xyz.com plesk panel.
the subdomain is pointing to solaris server
You will need to install the SSL certificate on the actual server that is responding to your HTTPS requests (meaning, the one the subdomain points to). However, keep in mind that if you have a regular SSL certificate, then the certificate would have to be issued to the specific subdomain. For example, a regular SSL certificate for example.com does not validate against sub.example.com.
As an alternative, you can purchase a wildcard SSL certificate for your domain that will cover the new subdomain and any others you add later. More info on that here: https://www.digicert.com/wildcard-ssl-certificates.htm

MAMP PRO document root forbidden when adding ssl

Just upgraded to Mamp Pro 3.5 from simple MAMP and all worked great till I added a self signed cert.
My document root for my local.mysite.com was set to htdocs/html/magento
Site works fine using http.
When I add the self signed ssl the site now only works correctly at https pages. If I try to go to any page without https such as http://local.mysite.com/store I get this in the apache log:
File does not exist: /Applications/MAMP/htdocs/store
If I uncheck the ssl the http urls all work again.
Did I miss something in the set up?
Thanks
It's far from obvious, but you can actually add a second host with the exact same domain name (local.mysite.com in your case) but this time leave SSL disabled on the SSL tab.
You'll therefore have two hosts, both for local.mysite.com. One is for https and the other for http.

Avoiding SNI for SSL on a single server hosting multiple vhost entries

I am trying to host 2 sites on a single IP address and they need to be accessed via SSL however the majority of my users use Internet Explorer on Windows XP meaning using multiple SSLs with SNI may prevent them getting access.
I was wondering if I could use a multiple virtual hosts but still use a single SSL certificate and avoid SNI ?
Alternatively how feasible is it for me to install two Apache webserver instances, each its own DocumentRoot and own SSL certificate and for me to simply use the first Apache webserver as an entry point to entertain some requests and to redirect others to the other SSLed Apache instance ?
Could I potentially use the Windows Host file (Windows 2008 Server) to redirect incoming requests to the intended Apache Server instead of using VirtualHosts ?
Apologies if I have confused concepts.
You can try to purchase an X.509 certificate with two domains in it. I don't know what particular CAs do this, but I also don't see why they would refuse. You need to ask their support, though.
Your idea to redirect some requests to another server residing on a different port sounds good as well, though you will have to use two different certificates for different domain names, of course.
Finally if your second domain can be something like additional.mydomain.com , you have greater chance to buy a certificate issued for mydomain.com + www.mydomain.com + additional.mydomain.com (this can be a wildcard certificate or a certificate with additional subdomain names).