I have two sites hosted on firebase. Browsers accessing either site are reporting "This site can't provide a secure connection".
The ssl certificates my sites are issued to gautiervanrossom.com and besworth.io respectively. I don't know anything about these entities.
How can I reset my firebase ssl to the correct url?
Related
I'm having hard time in understanding how the SSL part of this firebase works
as there is no option to change
and its causing many issues if we use other SSL apart from firebase
is there any way where we can disable firebase ssl
and use custom one
or can some one tell me how to reset this ssl issued by firebase (which is different domain and its just partial not full/strict https)
The SSL certificates Firebase Hosting uses come from letsentrypt.org. They are full SSL certificates, but they are shared between many domains. From the Firebase documentation on its SSL certificate provisioning:
Your domain will be listed as one of the Subject Alternative Names (SAN) in the FirebaseApp SSL certificate. You can view this certificate using the browser's security tools. While the domain is provisioning, you might see an invalid certificate that does not include your domain name. This is a normal part of the process and will resolve after your domain's certificate is available.
If your project is on the paid Blaze plan, you can reach out to Firebase support to set up a SSL certificate you provide on Firebase Hosting for it.
I am a site owner on a SPO site whose SSL certificate just expired. They are projecting one week to resolve! In the interim, how likely is it that a malicious user could access the SharePoint site's files?
The only problem is for your real users. Many browsers and API doesn't allow to connect to an insecure site. The browser has to allow this, the API have to set the flag "allow unsafe". But: If you allow unsafe, you can't guarantee the safe connection...
I’m building a web application where users can create their own websites. Users have the option to point their own domain names at these sites. A prototype for the application already exists; Apache accepts requests on all hostnames and the actual domain mapping and resolution happen at the application level (a simple database lookup grabs the site that matches the requested hostname).
Where I’m stuck is how users’ SSL certificates might fit into this equation. What steps would I need to take to allow a user to upload their SSL certificate such that the application could successfully handle secure HTTP requests to their hostname? Is this even something the application alone could handle?
I think you cannot handle this in your application alone.
It's a CA problem, except you are an intermediate CA company, or you cannot get the user's domain SSL certificate and sign for user's domain.
The typical user, and IMHO even more the user's who are going to create a web site of this system as opposed to setting up their own WordPress or other site on their own server (or their own paid shared server hosting account), will have absolutely no idea how to setup a proper SSL certificate, so getting it to your securely so that you can install it wouldn't even be an issue because they will never get that far.
However, you should be able to use Let's Encrypt to do exactly what you need. As part of the process of adding a domain, once the domain is pointing to your server (the users will have to figure out how to do that with their domain registrar), you can create a Let's Encrypt certificate and validate it. My favorite web hosting company (I won't name it as that is not relevant - anyone can do this with some effort) provides this capability as part of their Control Panel. They also provide paid certificates with a few of the big issuers, as they have for many years, but for most small sites Let's Encrypt works very well and is totally free. The setup literally takes only a minute. The key is that you have to give the user an IP address or CNAME first so that they can point the domain. Once the domain is resolving to your server, you can get the Let's Encrypt certificate.
I deleted a firebase project. I had linked to a custom domain, and now I cannot access the custom domain. It gives me an error, NET::ERR_CERT_COMMON_NAME_INVALID
The domain is http://apps.diggle.tech/ and it gets redirected to https when I visit the URL.
Your site is no longer associated with Firebase Hosting, however Firebase Hosting does add HSTS headers to sites to ensure they're always served over HTTPS. These are cached in the browser for a period of time, and so since you had previously visited the Firebase Hosting version of your site it is still enforcing HTTPS.
Since your new hosting setup doesn't support HTTPS, you're seeing an SSL error. You will need to either add SSL to your new hosting configuration or just wait for the HSTS cache to expire.
I am able to complete the connect to custom domain step successfully and https://example.com is correctly loading my static file app which is hosted on Firebase.
However, browser is warning about the site's SSL certificate is not matching example.com. I looked at the certificate and it is of firebase.com, not example.com.
This certificate is provided by Firebase for example.com (my custom domain name) and I expect it to be matching it. Is this expected?
I know the other solution is to get my own certificate for example.com. However, it seems that Firebase won't let me deploy my own cert.
Update
I retried it some time back and it is fixed. And the whole suite of Firebase db/functions and corresponding sdk/cli are working really well. Great for small dev team.
Solution: Don't have to do anything about it other than just wait.
Faced the same problem when connecting to my custom domain on Firebase Hosting. However, it will only be insecure when the status is pending. The status can be found on your Firebase Hosting Dashboard.
My connection turned secured with a green lock after around 3 hours, and the status reflected in the dashboard changed to connected.
This error message called domain name mismatch warning that occurs because of the domain is pointed to a shared IP addresses.
You need to confirm that your hosting provider supports SNI technology which allows install different certificates on the same IP. Please ensure that the certificate is installed correctly on your desired server and enable SNI. If your hosting provider doesn’t support SNI technology, you should have to dedicated IP to host your SSL.
In the add custom domain menu, check by changing the setup mode to advanced and complete the provide token on existing domain task by copying the TXT value to your dns records according to the instruction.
This solved my problem.