I have tested my self-signed SSL certificate for https site.
when I access my https site such as https://example.com on my computer, Chrome
browers will give me SSL warning about un-trusted site something like that
and I follow instuction from a link, the warning
is gone. But why it always has red-cross and read-slash mark around https at address bar
even I 've saved and put my self-signed SSL cert into the trusted vendor folder on Chrome
browser as a trusted cert only on my computer.
Whether must I buy third-party SSL cert to get rid of those red mark ? That is only method?
Related
I have a website for my podcast built with Python / Django that is hosted on Heroku: https://dinpodcast.herokuapp.com/
I have a custom domain parked on GoDaddy, dinpodcast.com, that has a www CNAME directing to my heroku application. This works just fine: https://www.dinpoddcast.com
I wanted dinpodcast.com to redirect to the www website, so I have the following domain forwarding set up on Godaddy:
This also works great, for the most part. Now, when I enter http://dinpodcast.com, or just dinpodcast.com, both will redirect to https://www.dinpodcast.com.
Here's the problem. When I enter the naked domain WITH HTTPS, so when I enter https://dinpodcast.com into a browser's address bar, I get the following response:
Here's what I THINK is happening. My SSL certificate is provided by Heroku under their Automated Certificate Management program. So, I assume that since I don't have an SSL certificate with GoDaddy, it's timing out trying to find one before it can redirect to my www subdomain. Would this be correct? If so, is there any way around this WITHOUT buying an SSL certificate with GoDaddy? If that's not what's happening, then what is and how do I fix it?
When you create an ssl certificate in your domain do you include your root domain? Tried using this tool in your root domain and it seems that there is no ssl certificate. However the subdomain https://dinpodcast.herokuapp.com/ has one. I suggest putting an ssl certificate in all subdomain and root domain that you are using.
I also checked the root domain’s IP address using this tool and checked port 443 using another tool and apparently the port is closed. Double check your firewall and make sure 443 is open.
I have recently installed ssl certificate through CloudFlare. I'm getting https but not getting padlock. I tried using really simple ssl WordPress plugin but I could not help mixed content.
My website URL: https://claimstock.com
Looking at the developer console of Chrome clearly shows the problems:
Mixed Content: ... requested an insecure image 'http://35.232.70.59/wp-content/uploads/2018/11/construction-image38-2-free-img.jpg'
This means that your site includes resources loaded with plain http:// even though the site is served with https://.
Failed to load resource: net::ERR_CERT_AUTHORITY_INVALID ... 35.232.70.59/wp-content/uploads/2018/11/911-2.jpg:1
This mean your site tries to download resources via https:// from 35.232.70.59. But the certificate for 35.232.70.59 is a self-signed certificate for www.example.com. A self-signed certificate can not be trusted and apart from that the name of the certificate does not match the name in the URL.
I am facing a weird issue. I do not know if it is Nginx related or DNS related but here is the problem :
I have a domain that is fine, let's say foobar.com , SSL does not face any issue. Both www. and root domain work with HTTPS.
I have a second domain, let's say foobaz.net, I need to redirect it to foobar.com in every situations (both www. and root domains).
It does actually redirect, but when I try to access https://foobaz.net/ I get a HTTPS error/warning before being redirected to https://foobar.com/ after adding it the the SSL exceptions of Chrome (https://foobar.com/ SSL certificate is OK once I get past https://foobaz.net/ SSL warning).
I do not know if it is Nginx related or DNS related, any clue of what is happening here ?
Thanks in advance.
Any https connection checks the ssl certificate before proceeding to do what it needs to do in the server(in your case, a redirection). You may have a certificate for foobar.com, which is perfectly fine, but if you don't have a valid foobaz.com certificate. That's why the error shows up, foobaz is not "secure".
A https connection is secure if all the points between you and the endpoint are secure, not only the endpoint. If foobaz is not certified, that is a non-secure middle point on your connection, and that's why the warning happens.
Get a SSL certificate for foobaz too, and the whole connection will be secure.
Im using hostgator as my host.They do not provide free ssl certificate.So im using cloudflare free ssl certificate for my site.SSL certificate working everywhere except Cpanel.
I tried manually adding ssl through cpanel option.But not really working!Is there any way i can add it there?
Or it will be really good if my cpnael url cpanel.site.com won't just show up to that address.
If you want to use the CloudFlare SSL certificate then there is no need to add that SSL certificate to yoru cpanel nor to your site. Read the cloudflare documentation in order to see how to create and use Page Rules and their SSL certificate. cPanel has nothing to do with it. CF works just fine with cPanel/WHM and pretty much with any other related hosting panel. Your site can be http only in cPnel and then you do the HTTPS redirection from Clouflare using their Flexible SSL and page rules
cpanel.yourdomain.com ssl is related to server side. If your host allow autossl with Let's Encrypt (for example) then it will install ssl for all your necessary subdomains like webmail, cpanel, mail, www etc. If you are installing ssl manually, then you cannot install it for cpanel subdomain. However if you want to use cpanel securely and have enabled ssl with yourdomain.com the you can use it:
https://yourdomain.com:2083
I have 2 websites on 2 servers, I use the SSL cloudflare
For the first everything is ok, green padlock.
For the second, I have a grey padlock with a warning on it https://lightpics.net
Google Chrome can see the site’s certificate, but the site uses a weak security setup (SHA-1 signatures), so your connection might not be private.
Proceed with caution. These are common mistakes in websites' configurations, but that doesn't guarantee that your connection is secure.
When I disable the HTTPS verify in Avast, it become green.
Someone know why ? I have the same configuration on the both... so, it's my server, my code, avast or cloudflare ?
The problem only came from avast : it MITM your connection and sign it again with an sha1 certificate.
To be sure, check your server with ssllabs.com
Just one more thing : https is not enough to be secure, you should redirect http to https with a 301 (permanent) redirect and use HSTS.