I have certified SSL from godaddy. It works fine and the green address bar with the name of my company shows up when I use it without cloudflare. However when I change my dns to cloudflare and turn SSL Strict mode on, the green lock says I have SSL from cloud flare (it shows a different ssl certificate). I don't know what to do to still show my certified ssl in the address bar.
Here is the answer incase someone in future is having the same problem:
EV certificates are only supported on paid business or enterprise subscriptions: https://support.cloudflare.com/hc/en-us/articles/200170446-Can-I-use-an-EV-or-OV-SSL-certificate-with-CloudFlare-Business-and-Enterprise-only-
Related
I have recently had an active website that was protected by an SSL certificate. The site is no longer active and the certificate has expired. I have tried to put up a simple HTML holding page but Google will not show it because there is an expired certificate associated with the domain. Is there a solution to allow me to display the page without needing a certificate.
You don't mention what web server or hosting platform you are using. In general yes you can remove an SSL certificate (and stop listening on port 443). But bear in mind if the user has saved a bookmark starting HTTPS, or the links to the site are HTTPS, or if you used the HSTS header to indicate the site should always be viewed over HTTPS then visitors will have trouble viewing the page only accessible over HTTP.
Given you can get a certificate from LetsEncrypt at no cost the most straightforward, and visitor friendly, option would be to renew the certificate.
I've just created a space on the Digital Ocean cloud.
To enable CDN, it asks for an SSL.
My domain manager is Cloudflare.
I've created a CNAME on the Cloudflare DNS settings page.
Then created an origin server SSL certificate and added those keys to the Digital Ocean subdomain settings page.
But I'm getting this error when I'm visiting the URL.
ERR_SSL_VERSION_OR_CIPHER_MISMATCH
How can I fix this issue?
Use SSL certificate for your original domain then it will work. Don't use a certificate generated by Cloudflare, because that is for something else that Cloudflare side use for to enable strict policy in their side.
Submitting the CNAME in App Platform before adding the record in the DO networking tab causes App Platform to register the domain with CloudFlare before it exists. There is a 30 minute TTL on this record then your domain will start working.
However, as a workaround you can remove the custom domain, let your app deploy, then re-add the custom domain and it should start working almost instantly.
There are two domain names:
1.one long (example: MaryJaneFamily.com)
2.one short (MaryJane.com).
The 301 redirect works correctly from EXISTING links from various web sites (from when the site had no ssl).
The redirect domain name appears but gives a "insecure site" warning and it appears as https://MaryJane.com.
The primary domain name does not show up in google listings at all.
I have validated the full domain name with google and provided a new sitemap to google.
The sitemap submission is not showing any errors. DNS for primary domain name shows it is fully propagated.
The link that appears in google is not the primary domain but the forwarded domain name with an "s" added to the http - selecting that link brings to you a "insecure site" warning screen.
What am I doing wrong?
It appear that your SSL certificat is maybe not valid or generated and auto-signed by your server. You have to use a SSL certificate certified by high autority trusted domain. A lot of hosting services can sell you a validated and trusted SSL certificate, or some companies like CloudFlare can give you for free (with some other protections and services like CDN, DDoS protect, firewall...etc).
If you want to do it yourself, you can use Let's encrypt to make your own trusted certificate (remember that you will have to renew this all 3 months but you can easily automate it).
Well, you can read this guide to know more about SSL certificates and which you sould use.
I hope it will help.
Is there a "return 301" for forced SSL in your sites config? If you don't force SSL then you will receive both secure and insecure ports.
So basically my old domain was benscottp.com for my main domain on Godaddy. I changed it last week to Atmosquare.co.nz. I have put a third party ssl on one of my websites before but it was a subdomain. I have provided a screenshot in my manage ssl panel and the ssl certificate that is for the new domain (atmosquare) has the details of the old domain in it? How do I change this as I think it's the reason behind the ssl not working.
enter image description here
SSL isn't working because it's not issued by a root CA trusted by the browser. There may be other problems also, but that's definitely one of them.
You can't change the certificate. You need to create/order a certificate that covers the domain(s) you want to run SSL on.
You can get free, valid certificates for whatever sites you need from https://letsencrypt.org/
I have a site which is hosted using godaddy and heroku and it has issued SSL certificate fro the godaddy.
Right now I am facing issue as, I (including all my friends and family) can see site very well (It means I can see green color HTTPS on the address bar.)
But for my client getting the SSL error(red cross on HTTPS).
First I thought SSL certificate is not properly installed so I online check the SSL certificate error. For this I used following sites
https://www.sslshopper.com
https://www.digicert.com
but all the sites showing that the certificate is perfectly issued and applied.
Can any one please help me what is actual cause behind this. Is there any firewall issue. Please let me know your thoughts.