Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 6 years ago.
Improve this question
sorry for the noob question.
Basically I have domains through Namecheap and my hosting is at Hostmonster.
I'd like to use the NSONE free DNS service. For a domain with http, I've already pointed the Namecheap nameservers to NSONE, and from NSONE pointing to the IP address of my hosting.
However I'm wondering whether its the same procedure for a domain I have which has a SSL certificate (https)?
I hope you understand my noob question.
Thank You!
There is no such thing as a DNS record for HTTPS. A DNS record cares (among other things) about the mapping between the domain name and the IP address, and http://example.com and https://example.com are the same name and therefore have the same IP address. This means no changes need or can be done at the nameserver which are specific to https.
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 3 years ago.
Improve this question
I have a subdomain sub.domain.co.uk that points to my server ip address lets say 192.0.2.1 currently this just uses http.
I have a need to make this use https/ssl so I have purchased my SSL but my server host have advised I need to point my url sub.domain.co.uk to a different IP in order for the SSL to work so I can hook it up in IIS.
So now I need to point sub.domain.co.uk to 192.0.2.2
So the only way forward I can see is that I go into my DNS settings in 123 reg and change my sub.domain.co.uk A record from 192.0.2.1 to 192.0.2.2
And incurr the downtime/propagation that comes with that.
Am I missing something, is there a better way to do this without incurring downtime?
For example, could I just add a second A NAME, for the same sub domain, e.g...
sub 192.0.2.1
sub 192.0.2.2
and in IIS just point my SSL to the second one, or would that confuse browsers?
Any help appreciated in advance
I believe I have solved this myself after a little research.
So I have two websites in IIS with an SSL that are using * as the ip address, meaning use any unassigned ip's.
So when I tried to add the SSL to the second website it complains saying that cause issues with the bindings on the first.
So if I just tick the little box that says 'Require Server Name Indication' on my second IIS bindings (when applying the SSL) it works perfectly.
Great article on Server Name Indication below (SNI)
https://www.cloudflare.com/learning/ssl/what-is-sni/
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 4 years ago.
Improve this question
We have a SSL cert from Symantec for foo.bar.com. Now we want our site to be know as foo.baz.com while still maintaining the old name. Both bar.com and baz.com resolve to the same IP. If I go to foo.baz.com it says the site is not secure. How I can use the same cert for both domain names when they are the same IP?
You have already purchased SSL certificate for foo.ar.com but not for foo.baz.com that's why it says 'site is not secure'.
Symantec SSL certificates are giving support for SAN (Subject Alternative Names) so you can manage multi domain names with single Symantec SSL certificate so add you domain name foo.baz.com in existing SSL certificate.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 9 years ago.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Improve this question
I own a domain at my DNS provider. I've pointed it to my house. My house keeps the IP address at the domain updated through dynamic DNS, so the A record always points to my IP address. I run OpenVPN at my house so I can connect from elsewhere. It's using a self-signed certificate. So, of course, I get SSL warnings when I connect.
My question is, Can I obtain an SSL certificate from StartSSL (free), set it up on OpenVPN, and get my browser to recognize the certificate as valid? For that matter, can I get any SSL certifcate to validate for any personal, development site I might set up at home in this situation? (OpenVPN.example.com, TestSite.example.com, etc)
(OpenVPN is not using port 443 or port 80, because I've heard that ISPs don't like it when you use those...)
The short answer is Yes. When creating a SSL certificate request you set the "common name" to the DNS name of the host. You can change the type of DNS record (e.g. A, CNAME, etc.) or record value (e.g. 192.168.1.2) at anytime as long as the record name (e.g. vpn.example.com) is the same.
For a browser to recognize a SSL certificate (not give warnings upon connection) a matching Certificate Authority (CA) must ship (or be manually added) to your browser or OS. To avoid SSL warnings with self-signed certificates you could instead provision a cert using a local/custom CA and install its root certificate on any necessary computers.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
Please note this is not a complaint. I am just wondering what the cost is to Heroku for providing custom-domain SSL, if there is one, as they do not provide the SSL certificate. As i understand it it is quite common to provide SSL support for free, and charge for the certificate itself.
For reference: Custom-domain SSL
In order to use your own SSL certificate with a shared server, your site must run on its own dedicated public IP address.
(since the server needs to send the SSL cert before the browser tells it which host it's connecting for)
IP addresses are a scarce commodity.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
Someone has registered a domain and is using a CNAME redirect to direct traffic to my site. Google is seeing this as duplicate content and it's affecting my rankings.
Is there anyway of blocking access for traffic that comes to my site through the domainnotundermycontrol.com redirect?
Thanks in advance.
"There is no BAD publicity."
The CNAME is solely a DNS tool. The request to you server should still be sending a request for the domainnotundermycontrol.com/somepage to your apache server once it gets you're IP from the DNS lookup. Apache will see the 'ServerName' as domainnotundermycontrol.com
It sounds like the domain which you CAN control has no filtering on server name, only ip, maybe. Create a vhost for the domainnotundermycontrol.com on your server to catch all requests to that server name and serve up an index file with links to legitimate page you want people to hit or just some adwords. Then it will no longer be caught by your other vhost.
Enjoy the free traffic.