I am using an Amazon EC2 instance with Ubuntu 14.04 and running an apache2 webserver. I bought my domain with godaddy and migrated the nameservers to cloudflare. Since cloudflare offers free SSL, I have that enabled. I have never built a website to use SSL only and I know this is possible because many websites are SSL by default. So my question is how to have visitors use SSL only site-wide?
Thanks
You can do this via PageRules in CloudFlare.
Related
Followed this link steps to install SSL on AWS LightSail Ubuntu Server: https://linuxhostsupport.com/blog/how-to-install-lets-encrypt-with-apache-on-ubuntu-16-04.
But https://example.com not loading.
Is there any configuration missed?
And it is necessary to add a TXT record in the DNS setting after the LetsEncrypt Certificate installation?
You should have used Lightsail DNS Zone for DNS Management instead of Godaddy for using LetsEncrypt SSL installation on LightSail.After moving DNS Management from Godaddy to Lightsail try LetsEncrypt SSL installation.strong text
I bought a godaddy domain and managed to map it to the lightsail ip address.
I used "let's encrypt" certbot to issued a license to that domain name. Successful.("Congratulations! You have successfully enabled https://jacky2020.com")
http works, https still doesn't.
Tutorials on Amazon website does not seem to work on the basic account($5/month)
Have you opened up port 443 / https in the Lightsail firewall for that instance?
Im using hostgator as my host.They do not provide free ssl certificate.So im using cloudflare free ssl certificate for my site.SSL certificate working everywhere except Cpanel.
I tried manually adding ssl through cpanel option.But not really working!Is there any way i can add it there?
Or it will be really good if my cpnael url cpanel.site.com won't just show up to that address.
If you want to use the CloudFlare SSL certificate then there is no need to add that SSL certificate to yoru cpanel nor to your site. Read the cloudflare documentation in order to see how to create and use Page Rules and their SSL certificate. cPanel has nothing to do with it. CF works just fine with cPanel/WHM and pretty much with any other related hosting panel. Your site can be http only in cPnel and then you do the HTTPS redirection from Clouflare using their Flexible SSL and page rules
cpanel.yourdomain.com ssl is related to server side. If your host allow autossl with Let's Encrypt (for example) then it will install ssl for all your necessary subdomains like webmail, cpanel, mail, www etc. If you are installing ssl manually, then you cannot install it for cpanel subdomain. However if you want to use cpanel securely and have enabled ssl with yourdomain.com the you can use it:
https://yourdomain.com:2083
I'm working on a Ruby on Rails SaaS app with a custom subdomain for each company. When a company signs up, the user is redirected to her subdomain.myapp.io.
The app is hosted on Heroku and DNS are managed at CloudFlare. I use the free SSL feature provided by CloudFlare, which works as expected for https://myapp.io.
My issue is about having SSL active for the subdomains. I wonder if this is possible without buying a wildcard SSL certificate.
CloudFlare DNS setup:
myapp.io. 300 IN CNAME myapp.herokuapp.com.
*.myapp.io. 300 IN CNAME myapp.herokuapp.com.
Heroku domains setup:
myapp.io
*.myapp.io
This works, but without SSL on subdomains. It is not possible to use CloudFlare features (such as SSL Full) for wildcard subdomains (except for Entreprise plan users).
I think I need to buy a wildcard SSL certificate for my domain ($115/year) and add the SSL Endpoint Heroku add-on ($7/month). Am I wrong?
Short answer:
You can't have a free wildcard SSL (Full protection) for subdomains on CloudFlare (Free plan).
Long answer:
I mean using wildcard with CloudFlare (Free plan), CloudFlare proxy protection and acceleration are bypassed (no orange cloud) so your origin server SSL certificate will be used instead. So to enable SSL you need to add a CNAME record for each subdomain (the cloud icon should be orange).
Example:
foo.myapp.io. 300 IN CNAME myapp.herokuapp.com.
bar.myapp.io. 300 IN CNAME myapp.herokuapp.com.
(You don't need to add any record for custom domains in Heroku if you already have *.myapp.io)
[EDIT]
Maybe you can add DNS records dynamically via CloudFlare's API (https://api.cloudflare.com/#dns-records-for-a-zone-create-dns-record)
(I didn't try that...)
Workaround:
As you said:
Pay for CloudFlare Enterprise
Buy a wildcard SSL certificate + Heroku SSL SNI (https://devcenter.heroku.com/articles/ssl-beta)
Hope it will help.
I have a vps running on ubuntu 12.04 with apache2. My question is, if I am going to install ssl cert and etc. to it am i able to use https directly to my domain? I just add A Record at my domain provider with the VPS IP Address.
Essentially, yes.
Remember to make sure that Apache is listening on https (and it's setup as it should be with the certs and mod_ssl) and if you have a firewall active, the port for https (443) is open.
Otherwise, all you would need to do is add your record to the DNS server.