I have a wordpress installation and I have a security certificate installed for the main site, however, it is a subsite installation and how do I make the security certificate work for all the wildcard (*) subsites?
For securing sub domains of the main domain you will have to enable wildcard ssl certificate at only main domain name.
For example:
If you have domain name xyz.com and want to secure its all sub domain names then you will have to enable wildcard ssl certificate at *.xyz.com then it will automatically will secure its all first level sub domains like blog.xyz.com, payment.xyz.com etc.
As per you requirements, you need to obtain a new Wildcard SSL certificate to protect your subsites (sub-domains). It will protect your entire website and its multiple sub-domains. To obtain this certificate, you have to add a single asterisk (*) just before your domain name (i.e. - *.yoursite.com), it will allow to secure all first-level sub-domains.
As you mentioned that you already have an SSL certificate for your main website, but managing individual certificates for your main site and each sub-domain will be horrible and time consuming for administrators. Wildcard SSL certificate is perfect, flexible and money saving certificate in the state of sub-domains security.
Related
I'm having hard time in understanding how the SSL part of this firebase works
as there is no option to change
and its causing many issues if we use other SSL apart from firebase
is there any way where we can disable firebase ssl
and use custom one
or can some one tell me how to reset this ssl issued by firebase (which is different domain and its just partial not full/strict https)
The SSL certificates Firebase Hosting uses come from letsentrypt.org. They are full SSL certificates, but they are shared between many domains. From the Firebase documentation on its SSL certificate provisioning:
Your domain will be listed as one of the Subject Alternative Names (SAN) in the FirebaseApp SSL certificate. You can view this certificate using the browser's security tools. While the domain is provisioning, you might see an invalid certificate that does not include your domain name. This is a normal part of the process and will resolve after your domain's certificate is available.
If your project is on the paid Blaze plan, you can reach out to Firebase support to set up a SSL certificate you provide on Firebase Hosting for it.
I'm using Wordpress multi sites with the domain mapping plugin. My websites used to run on sub domains the name looked like this example.test.com and the main site was test.com. With the domain mapping plugin I managed to turn sub domains into normal looking domains. my sub domain now looks like example1.com. My question now is: Do when I install an ssl certificate on which domain do I need to install this on, the sub domain or the domain I map to ?
Normal SSL certificates are for single domain or subdomain only. But, you can get Wildcard SSL, and that one SSL covers all subdomains for a single domain. Or get Let's Encrypt free SSL for each subdomain (if your host supports it).
I am about to move my website/App from https://www.example.xx to https://www.example.com
I am thinking about making a redirection in the .htaccess from the .xx to the .com
The question is shall I renew the https certificate on the .xx bearing in mind that some users might have bookmarks to https://www.example.xx ?
What would happen if a user tries to reach the .xx url on https after the certificate expires and the .htaccess having a redirection to the .com?
If application is hosted on the same server (assuming, you just change DNS address for your app) and you own both domains, you would need to purchase single certificate for both URLs: www.example.tld and www.example.com and bind this certificate to web site.
and you will have to maintain both URLs in the certificate until all users update their bookmarks to point to a new web site.
HTTPS redirection requires valid SSL certificate for all redirection URL.
I am building an eCommerce platform and I would like to give my user's the ability to point their domain (e.g. bobsburgers.com) to an HTTPS-protected subdomain on my site (e.g. bobsburgers.shoplolz.com). Getting a wildcard certificate for the dynamic subdomain is simple, but how does one allow their users to use their own domain while requiring HTTP? I'm currently hosted on Heroku but I'm curious at a higher level how this can work, if at all.
Based on my research the only way to do this is to have the site owner upload an SSL certificate and use an HTTPS-enabled reverse proxy which can be configured dynamically to accept new SSL certificates for newly added domains.
I manage a hosting server using WHM. I have two cPanel accounts on this server, one for exampletest.com (account name is exampletest) and one for example.com (account name example). We have a Wordpress site that was working well at exampletest.com but we keep running into problems when we try to migrate it to example.com. I believe it has to do with one WordPress plugin that doesn't migrate well.
So we had the idea to simply take the example.com domain and point it to the exampletest cPanel account, then update the domain for WordPress in the database. However, one potential issue I can see is that we have many active email addresses on the example account. I fear that associating the example.com domain to the exampletest account will break the email addresses.
Keeping the above in mind, I have a couple questions:
Will associating the example.com domain to the exampletest account break the emails? If so, is there a workaround (moving the email addresses to the new account somehow?)
Is there a better way to go about doing this that I'm not thinking of?
The best way of transferring your wordpress site would be to copy the files, create a database user with the same login details and import the database. Wordpress shouldn't be able to tell the difference.
One way would be to assign a static IP address to exampletest and point example.com's A record to that IP.
Due to the way WHM's DNS and port binding is set up it will not let you set up the same domain on two seperate accounts.
You could treat www. as a seperate subdomain and add the subdomain www.example.com to exampletest as an addon domain and remove the www A record from example first. Redirect all web traffic from example.com to www.example.com or use another sub-domain such as www2.
Another option would be transfer the emails, you can either use the transfer tools in WHM > Transfers or use http://imapsync.lamiral.info/