Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 9 years ago.
Improve this question
I'm about to get an SSL Certificate for my website. In particular, it will be used because I'm switching over to a payment processor which requires it. A few "noob" questions:
1) Will I have to change any code that directs users to http://www.mysite.com to https://www.mysite.com, or will users who go to http://www.mysite.com be automatically re-directed to https://www.mysite.com?
2) I assume that https "slows" things down on a site? If this is the case, can I maintain the http everywhere on my site except when they make a payment to the processor? i.e. http://www.mysite.com/any_old_page.php, while https://www.mysite.com/pay_for_the_stuff.php
Thanks!
No, that won't happen automatically. You will have to change your server configuration to do that.
Yes, it slows things down. How much depends on the cipher suite used for the server, the server software and hardware. You should play around with different TLS cipher suites to see how much. It depends on that (and of the nature of your site) if you should only use TLS on part of your site or all of your site. As for the requirements of the payment processor: ASK!
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 12 months ago.
Improve this question
I have to set a multiple domains under a single cPanel because the they both need to point to the same document root.
I have successfully added the secondary domain under Domains, and I was able able to upload another SSL certificate for this domain.
However, looks like I am only be able to install one SSL certificate at a time, when I tried to install the secondary SSL, the first one automatically stopped working.
How I can configure cPanel to have both SSLs working? or in this case, do I have to use a single SSL that supports multiple domains?
Thanks
If you add each domain as "Addon" under your cPanel, your hosting provider's free SSL- either, Let's Encrypt or cPanel's SSLs should be able to cover EACH addon domain with a different SSL Certificate and they should not interfere with each other.
If you still experience issues with that, I would recommend reaching your hosting provider to check that further for you and let you know how this can be achieved in their environment.
If they lack support, then I would recommend checking out for a managed hosting provider which will take care of this configuration for you.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 5 years ago.
Improve this question
I've noticed it is a lot cheaper to buy a single website SSL certificate than a wildcard certificate.
My question is if I have 2 applications setup in IIS:
1. website.com
2. subdomain.website.com
Firstly, would I be able to buy 2 individual certificates for the website.com and subdomain.website.com?
Secondly, assuming I was able to buy the above certs, would it actually work?
Many thanks!
Yes you can. The domain name is recorded in CN field (single domain or a wildcard). There is also SAN extension that allows you to use the same certificate on different domains (sub.domain.com and domain.com are considered two different domains).
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 7 years ago.
Improve this question
My question is the following: I'm hosting a couple of websites on a web server (Apache on Debian Wheezy) and I want to have ssl on them. Can I have one certificate and use it for every domain or should I have multiple ones? I tried to have one but the problem is that if I first visit example1 with https, then if I try to visit example2 with https, I get the content of the former, while the url is the latter.
What am I doing wrong? What is the best way to have https for every website on the server?
you need SSL certificates for each domain hosted on the box.
you can have selected domains on SSL but would require tweaking the virtual host file.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 7 years ago.
Improve this question
I bought a ssl certificate generated with SHA-2 algorithm.
It was successfully installed in apache2 server. I also test it with online tool like https://www.sslshopper.com and the result is completely ok, however in firefox console I got something like this
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.
I also double checked with Chrome and other browser. It seems ok.
is there any gotchas related to my certificate ?
please help and thanks in advance.
Your certificate is fine. The warnings logged in the Firefox console are due to resources served from other domains (speficially, s-static.ak.facebook.com, connect.facebook.comand avocado-app.s3.amazonaws.com) that use SHA-1 certificates.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 6 years ago.
Improve this question
I have a web application with nginx. I would like to have unlimited subdomains. When I open subdomain.domain.com I see in my Chrome:
Your connection is not private
Attackers might be trying to steal your information from subdomain.domain.com (for example, passwords, messages, or credit cards).
Back to safetyAdvanced
NET::ERR_CERT_COMMON_NAME_INVALID
I can't understand how to fix this issue. I should add another SSL cert for all subdomains or I need different cert for every subdomain? Can someone explain what is the correct flow here?
Thanks!
A wildcard SSL certificate would allow you to have unlimited subdomains with a single certificate.