I have two sites setup on an apache webserver, both are on HTTPS. The certificates are properly installed and they work on almost all browsers, but on some IE versions I get a certificate error message when I open the A site, and the certificate info shows the domain name of the B site. I checked both urls with different SSL checkers and they seem to be fine. Also other browsers show the correct certificate.
Does anybody have any idea?
Thanks.
Related
I have recently had an active website that was protected by an SSL certificate. The site is no longer active and the certificate has expired. I have tried to put up a simple HTML holding page but Google will not show it because there is an expired certificate associated with the domain. Is there a solution to allow me to display the page without needing a certificate.
You don't mention what web server or hosting platform you are using. In general yes you can remove an SSL certificate (and stop listening on port 443). But bear in mind if the user has saved a bookmark starting HTTPS, or the links to the site are HTTPS, or if you used the HSTS header to indicate the site should always be viewed over HTTPS then visitors will have trouble viewing the page only accessible over HTTP.
Given you can get a certificate from LetsEncrypt at no cost the most straightforward, and visitor friendly, option would be to renew the certificate.
There are two domain names:
1.one long (example: MaryJaneFamily.com)
2.one short (MaryJane.com).
The 301 redirect works correctly from EXISTING links from various web sites (from when the site had no ssl).
The redirect domain name appears but gives a "insecure site" warning and it appears as https://MaryJane.com.
The primary domain name does not show up in google listings at all.
I have validated the full domain name with google and provided a new sitemap to google.
The sitemap submission is not showing any errors. DNS for primary domain name shows it is fully propagated.
The link that appears in google is not the primary domain but the forwarded domain name with an "s" added to the http - selecting that link brings to you a "insecure site" warning screen.
What am I doing wrong?
It appear that your SSL certificat is maybe not valid or generated and auto-signed by your server. You have to use a SSL certificate certified by high autority trusted domain. A lot of hosting services can sell you a validated and trusted SSL certificate, or some companies like CloudFlare can give you for free (with some other protections and services like CDN, DDoS protect, firewall...etc).
If you want to do it yourself, you can use Let's encrypt to make your own trusted certificate (remember that you will have to renew this all 3 months but you can easily automate it).
Well, you can read this guide to know more about SSL certificates and which you sould use.
I hope it will help.
Is there a "return 301" for forced SSL in your sites config? If you don't force SSL then you will receive both secure and insecure ports.
I just created a new SSL certificate with GoDaddy. I imported this certificate into IIS 8.0.
Then I checked all existing sites and their SSL certificate. Everyone has its own certificate. So far, so good.
Now I want to add the new imported certificate to a new site. But everytime when I do this, an "error" comes and says that there is an existing site that uses the same certificate. But before that I checked all sites and I haven't seen the same certificate.
If I click on "do it anyway" it changes the certificate of an other site to the new certificate that I just imported. So as a result two sites are using the same certificate now.
How can that happen? Is there a possibility that these two sites have a kind of a connection? Did I do something wrong with the import?
I absolutely have no idea.
Thank you.
PS: Even if I apply for a new certificate, I still get the same result.
PS: Could it be because of two different SSL distributors? One is Symantec and the other one is GoDaddy.
PS: This is the first GoDaddy certificate that I try to install after the Symantec one.
You might be using the same IP and port for all the url's configured on IIS 8. If that's the case, then you have to mention the exact URL in the Hostname section when you bind the certificate as per image below.
Also Make sure you put a tick mark to REQUIRE SERVER NAME INDICATION and then select the correct certificate from the dropdown in the SSL Certificate section.
I'm new to web development and finally been able to create something and show to the world. I have the domain with godaddy, hosted webapp with heroku and using cloudflare SSL certificates. Trying to be cheap as dont want to spend money until I find some traffic to the website.
Chrome and Firefox warn that website is not safe when I type
www.mywebsite.com
however When I type
https://www.mywebsite.com
they work fine. Interestingly I also tested website on opera and it does not warn me at all and successfully show the valid certificates. Can anyone please help?
That is just showing you that you are accessing the site not in SSL (https). You should put in an automatic redirect to avoid people seeing that.
I have a site which is hosted using godaddy and heroku and it has issued SSL certificate fro the godaddy.
Right now I am facing issue as, I (including all my friends and family) can see site very well (It means I can see green color HTTPS on the address bar.)
But for my client getting the SSL error(red cross on HTTPS).
First I thought SSL certificate is not properly installed so I online check the SSL certificate error. For this I used following sites
https://www.sslshopper.com
https://www.digicert.com
but all the sites showing that the certificate is perfectly issued and applied.
Can any one please help me what is actual cause behind this. Is there any firewall issue. Please let me know your thoughts.