We Keep Coding

DNS - Pointing A Record to new IP for SSL Certificate [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 3 years ago.
Improve this question
I have a subdomain sub.domain.co.uk that points to my server ip address lets say 192.0.2.1 currently this just uses http.
I have a need to make this use https/ssl so I have purchased my SSL but my server host have advised I need to point my url sub.domain.co.uk to a different IP in order for the SSL to work so I can hook it up in IIS.
So now I need to point sub.domain.co.uk to 192.0.2.2
So the only way forward I can see is that I go into my DNS settings in 123 reg and change my sub.domain.co.uk A record from 192.0.2.1 to 192.0.2.2
And incurr the downtime/propagation that comes with that.
Am I missing something, is there a better way to do this without incurring downtime?
For example, could I just add a second A NAME, for the same sub domain, e.g...
sub 192.0.2.1
sub 192.0.2.2
and in IIS just point my SSL to the second one, or would that confuse browsers?
Any help appreciated in advance

I believe I have solved this myself after a little research.
So I have two websites in IIS with an SSL that are using * as the ip address, meaning use any unassigned ip's.
So when I tried to add the SSL to the second website it complains saying that cause issues with the bindings on the first.
So if I just tick the little box that says 'Require Server Name Indication' on my second IIS bindings (when applying the SSL) it works perfectly.
Great article on Server Name Indication below (SNI)
https://www.cloudflare.com/learning/ssl/what-is-sni/

DNS Records for HTTPS? NSONE, Namecheap, Hostmonster [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 6 years ago.
Improve this question
sorry for the noob question.
Basically I have domains through Namecheap and my hosting is at Hostmonster.
I'd like to use the NSONE free DNS service. For a domain with http, I've already pointed the Namecheap nameservers to NSONE, and from NSONE pointing to the IP address of my hosting.
However I'm wondering whether its the same procedure for a domain I have which has a SSL certificate (https)?
I hope you understand my noob question.
Thank You!

There is no such thing as a DNS record for HTTPS. A DNS record cares (among other things) about the mapping between the domain name and the IP address, and http://example.com and https://example.com are the same name and therefore have the same IP address. This means no changes need or can be done at the nameserver which are specific to https.

Setup Lets Encrypt on VPS where the DNS is setup on CloudFlare [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 6 years ago.
Improve this question
I have hosted a website using VPS and pointed to it using DNS services of CloudFlare, The site is working properly. Now I am trying to install ssl provided by Lets Encrypt, I am able to complete the steps successfully but the site doesn't appear to be ssl enabled. Also when I completed the steps succesfully the process didn't generate any cert file.I have used the https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-14-04 could anybody tell me were I might be going wrong.

CloudFlare supports using Let's Encrypt between CloudFlare and your origin; however you must use the --webroot argument when you run the Let's Encrypt binary.
By using the webroot authentication method, a temporary file is placed to validate your domain for the certificate. There is a guide on how to do this on the CloudFlare help centre: How to Validate a Let’s Encrypt Certificate on a Site Already Active on CloudFlare
By using this method, you are able to ensure the connection between CloudFlare and your origin web server is fully encrypted using Strict SSL.

Now you have https on your server.
So the communication vpc-cloudfare can use https.
Now you have to configure cloudfare to use https betwenn cloudfare and the browsers.
See https://www.cloudflare.com/ssl/

Block CNAME redirect from a domain I don't own [closed]

Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
Someone has registered a domain and is using a CNAME redirect to direct traffic to my site. Google is seeing this as duplicate content and it's affecting my rankings.
Is there anyway of blocking access for traffic that comes to my site through the domainnotundermycontrol.com redirect?
Thanks in advance.

"There is no BAD publicity."
The CNAME is solely a DNS tool. The request to you server should still be sending a request for the domainnotundermycontrol.com/somepage to your apache server once it gets you're IP from the DNS lookup. Apache will see the 'ServerName' as domainnotundermycontrol.com
It sounds like the domain which you CAN control has no filtering on server name, only ip, maybe. Create a vhost for the domainnotundermycontrol.com on your server to catch all requests to that server name and serve up an index file with links to legitimate page you want people to hit or just some adwords. Then it will no longer be caught by your other vhost.
Enjoy the free traffic.

Can't browse to my EC2 Instance [closed]

Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 9 years ago.
Improve this question
I've just (about 1 hour ago) associated an Elastic IP to my instance at Amazon EC2. If I SSH into my instance and type lynx localhost I can see that apache is responsive because I see the It works page.
However, If I browse into my instance (both via the IP itself and via the public DNS Amazon has created for me), I get Oops! Google Chrome could not connect to.. bla bla...
Should I wait some more time (in case it's due to some DNS thing) or does this indicate something is wrong?
Thanks in advance
EDIT: When I ssh into my instance, I use the full IP address and it works... (the Elastic IP I mean).

You must config the firewall to open the HTTP port.
To be more specific, for AWS this is done via Security Groups. You should create one with the ports you need opened. In most cases that's the por 80 for TCP.
You can see how to achieve this on the documentation http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html

First identify the security group of the Ec2 instance.
Next click on the security groups link in the bottom left nav.
Select the security group under which this EC2 instance lies,
and add Inbound rules by specifying the port or a custom port range.

For those of you using Centos (and perhaps other linux distibutions), you need to make sure that its FW (iptables) allows for port 80 or any other port you want.
See here on how to completely disable it (for testing purposes only!).
And here for specific rules