I have a website on server 1 that has an SSL certificate, I need to move a new developed site to server 2 which has a new SSL certificate. The SSL has been installed on server 2, is there anyway to check if the site and the ssl certificate works before changing the nameservers from server 1 to server 2.
I have tried editing the hosts file on my computer with the IP address of server 2 and the site loads, but as it only shows the IP address in the url bar so there doesn't seem to be a way to tell if the SSL is working, if i add https:// to the domain IP it doesn't work.
Thanks in advance.
When you change the hostfile to the second server with the correct domainname it should listen as if it were used from a nameserver from the outside world.
For example, if you want to test server 2 with IP 194.194.194.194 with the domainname www.example.com you should add this line to your hostfile:
194.194.194.194 www.example.com
After you add this it is possible to go to https://www.example.com which should serve you the certificate if everything is configured right.
Cheers!
Related
In my Nginx server, I have added SSL to my subdomain using the chatbot.
https://www.example.com/ works but https://www.example.com:8081 doesn't work.
This page gives me "This site can’t provide a secure connection; ERR_SSL_PROTOCOL_ERROR'
Is there any way to configure SSL for this domain with a port?
I have written a Flask website which I hosted with waitress on a Ubuntu 20.04 VM server at port 5000, but now I'd like to do it more properly with uWSGI/Nginx.
To learn uWSGI/Nginx I am following this tutorial: https://www.digitalocean.com/community/tutorials/how-to-serve-flask-applications-with-uwsgi-and-nginx-on-ubuntu-20-04
Here in step 6 it tells my to configure Nginx as follows:
server {
listen 80;
server_name my_domain www.my_domain;
location / {
include uwsgi_params;
uwsgi_pass unix:/home/sammy/myproject/myproject.sock;
}
}
However if I now request the webpage for my domain, it only returns the default Nginx page.
But if I "hardcode" the public IP address of my server to the server_name:
server_name: my_domain www.my_domain MY_IP
Then it does show the correct page. I however have a feeling this is not the intended way to configure the server.
When I used the old waitress server i had told my DNS server redirect to http://MY_IP:5000/, but it is now set to redirect to http://MY_IP/. (with redirect mode 302)
So my question is, how should I set up my Domain name redirect or Nginx config so that it works without a "hardcoded" ip? Or is this something where I just need to wait the 48 hours for the DNS update to propagate?
Also an auxiliary related question, how do I make the browser url bar show the domain name instead of an IP address?
Thanks in advance!
You can go through my answer, hope it helps you as well
Regarding your question for URL name in browser, it will be there once DNS name is propagating properly and it shouldn't take more than 5-10 minutes.
Remove the IP from server name, its not supposed to be entered there.
I have a problem with configuring Godaddy DNS and Heroku hosting server.
The goal is: when I type www.example.com or example.com as URL, it needs to go https://www.example.com.
Right now when I go www.example.com or example.com, it goes http://www.example.com
Configurations are:
On Heroku
heroku domains:add www.example.com (SSL is working. Cert issued)
On GoDaddy
DNS record: type=CNAME name=www value=www.example.com.herokudns.com
DNS forwarding domain: forwardto=https://www.example.com forwardtype=Permanent(301) settings=Forwardonly
DNS forwarding subdomain: subdomain=example.com forwardto=https://www.example.com forwardtype=Permanent(301) settings=Forwardonly
P.S. If I manually go https://www.example.com the browser shows that it is secured
Edit: Update my nameservers and DNS settings to support this change is checked
Under GoDaddy doamin forwarding, make sure to check the box next to "Update my nameservers and DNS settings to support this change", then save.
If that is done. Confirm that your local dns cache has updated. Run these two commands, if the IP addresses returned are different, you may need to clear your cache or make sure that you haven't made manual changes to your host file.
nslookup example.com 8.8.8.8
ping example.com
Are you using Apache? If so, the .htaccess file is the best way to change the default domain.
Can someone explain to me how I need to configure my DNS settings using Galaxy and HTTPS? I obviously have no problem doing this on a provider with a static IP, but on Galaxy i just can't get it to work using DNSimple.
I want the following setup:
http://example.com -> https://www.example.com
https://example.com -> https://www.example.com
http:/www.example.com -> https://www.example.com
https://www.example.com -> https://www.example.com
Can someone please provide a TESTED and WORKING setup for this using FORCED HTTPS? Should i host my certificate on DNSimple or Galaxy? Should i add both domains on galaxy? What will my ALIAS and CNAME record be?
Im hosting on eu-west-1.galaxy-ingress.meteor.com .
Thank you!
The http:// and https:// are irrelevant to the DNS records, they are just telling your browser what protocol to use. example.com and www.example.com are two different Fully Qualified Domain Names (FQDNs), and both need A records to the static ip. So you would make a record on your root zone # IN A static-ips (# means zone root so equivalent to example.com. IN A static-ips), and you would need a second record for www, www. IN A static-ips). This will make sure both go to the right ip
Now for the ssl certificate, the cert has to match the FQDN that the browser is trying to access, so if you only have a cert for example.com, then it will fail for www.example.com, if this is the case you can make a new cert with the common name example.com, and add the Subject Alternative Name (SAN) www.example.com to the cert during creation, this will make sure it works for both
If you want users who access http://example.com to go https://example.com, then that can't be done through DNS, server side or client side you will have to detect this and redirect to https, and depending on what you're using to host your app (e.g. apache, node, etc), there will be more documentation on that
We have a Win 2008 server running IIS7. The webserver runs several sites, one of which requires SSL for its e-commerce / data-capture components:
www.domainA.com :80 & 443
www.domainB.com :80
www.domainC.com :80
www.domainD.com :80
I have installed a certificate for domainA and added an HTTPS/443 binding for the www.domainA.com website. However, if I try to access https://www.domainB.com, I am shown the content from the domainA site.
How can I prevent all sites using the 443 binding from domainA? When I add the certificate to the binding, I am unable to set the hostname. If I use appcmd to set a hostname, the site gets 2 bindings and access via SSL doesn't work.
Only domainA should allow access on port 443 and other sites should refuse the connection.
Thanks
James
SSL starts connection BEFORE any HTTP header is sent - so clearly the server has now way of distinguishing what domain this connection is for until SSL connection is established.
Your binding is correct - the other sites are NOT bound to port 443... but by the time the SSL connection is established and the first HTTP header is sent it is already on the IP address (the name has been resolved via DNS).
As to a solution:
To circumvent what you see you need to bind domainA.com to a different IP address than the rest (and modify DNS accordingly).