I have created a .pfx file in order to certify the site.But in our website we are using links to two sites managed by third party which is not HTTPS.If this is the case and if i do certification in our website will it be effective.As a trial i have implemented pfx file in IIS, when the client machine accessed site first it will prompt with usual dialogue, and after forcefully moving in to the site, if you install it in local store, and if you clik "show all content" on the bottom of the IE, we can see all the data with HTTPS link.But no padlock in the left side of the browser, why i am not getting the padlock? if you dont have padlock and if the site is HTTPS doe that good? is there any better implementation for this scenario.One more question is if we have an HTTPS site which contain HTTP sites from third party deployed in different server, does that work properly with SSL?
The proper way to create an SSL certificate for an asp.net website is well explained in this tutorial, check,
ssl integration tips
Related
I have a streamlit web application. It is hosted on a vps server, combined and configured with nginx. Additionally, I received and configured access by domain name, received a ssl certificate.
I would like to place this application in Google search engines. So that when you enter a domain name into Google, it appears in the search results. I looked at the google documentation on how to do this. Actually there are two ways:
Creation of a special html page in the root directory
Adding a meta line on the main page of the application.
It seems to be nothing complicated, but how can this be done if I use streamlit as the basis of the web application? Can you give an example of what needs to be done to confirm the right to host the site?
Last week I was able to build and run a locally-hosted .NET website without any problems. However, for the past couple of days I haven't been able to get around this error:
ERR_CERT_COMMON_NAME_INVALID
This error message appears in both Chrome and Firefox. Edge and IE will load the page but block all AJAX requests without explanation.
The website is configured as an application in IIS and uses a self-signed certificate (created in IIS).
I encounter the same problem with running a completely separate .NET website so I doubt it has anything to do with each website's individual configurations.
My colleagues are able to browse their locally-hosted versions of the same website using a self-signed certificate in the same browser versions as I have installed.
Please, can someone tell me what might have happened to my setup, why are browsers no longer accepting my certificate, and how to get back to a running localhost website?
I'm a PHP developer and to be able to work on my development environment with a certificate, I was able to do the same by finding the real SSL HTTPS/HTTP Certificate and deleting it.
The steps are :
In the address bar, type "chrome://net-internals/#hsts".
Type the domain name in the text field below "Delete domain".
Click the "Delete" button.
Type the domain name in the text field below "Query domain".
Click the "Query" button.
Your response should be "Not found".
You can find more information at : http://classically.me/blogs/how-clear-hsts-settings-major-browsers
Although this solution is not the best, Chrome currently does not have any good solution for the moment. I have escalated this situation with their support team to help improve user/developer experience.
You should redo these steps every time you go on the server that contains the main HTTPS Certificate with HSTS clause.
I have an IIS running on the server and a website (.net) running perfectly on http (80) and https (443). And i have a new Wordpress website. I wanna publish the wordpress site on the same domain. In order to do it i will remove the files of the present website and place the new site's files and in theory,i expect IIS will start to show this new site. And all the bindings and everything s set on IIS for this SSL certificate for the same domain. So my question is , can i expect that new site will run perfectly on http (80) and https (443)? Or will https fail?
Yes, in theory it should work but as you know with IIS, what is true in theory may not always be true in practice.
What you will find tricky is that Wordpress is heavily reliant on URLs and it may be tricky to run both options, ideally you should force one or the other but there are techniques that allow you to run both.
I can't speak for the effectivity or efficiency of this but here's a link: https://blog.rabin.io/sysadmin/make-wordpress-site-work-both-http-https
Well in theory it supposed to work but it didn t. Eventually i figured that SSL certificate was revoked.
I have a site www.testsite.com that is hosted by wordpress.com, I'm trying to issue a certificate so I can have https.
Is there any good methods to use when I cannot really install letsEncrypt's ACME client on my wordpress.com's account?
One way to issue your certificate for your wordpress (and actually, for any other website type), is to install (clone) Let's encrypt to your machine.
The main and very basic idea is that Let's Encrypt (LE) wants you to prove that you do have access control to your domain. This is achieved through a challenge. You have to output a string they provide you inside a folder. For example, at yourwordpress.com/.well-known/acme-challenge/
the (LE) authority wants to read a long string it provides you.
So, inside your wordpress site folder, create those directories.
Once this is successfully checked, LE, saves your ssl certificates in your local machine with root privileges.
Now you have to upload those certificates *.pem to your server. This last step is different depending on the company server.
Here is a nice tutorial that worked for me to get the LE certificates.
I have two web site that are 99% similar. They share all of the same pages except the difference being that the logos change, a few of the links change, and the products that show up on either web site are flagged to show up on either or, or both. They use the same database.
I have written a utility method that essentially injects a where clause into any database access code I write throughout the app to determine which products to display depending on the current URL.
Problem: Website B gives the user a warning message that the site they are trying to go to is in fact Website A. I've read that the SSL cert needs a distinct IP.
Right now how I have everything set up is very clean on a maintenance perspective. I can update files in one place. Any suggestions on how to make the SSL behave, or am I looking at seperate IP's for the hosting(I really don't want to have to do this)?
If the latter, what do you suggest?
Site runs ASP.NET 4.0. Precompiled DLL.
UPDATE: Thanks to #GregS comment
If the sites share the same domain you can use a wildcard certificate
site1 - site1.somedomain.com
site2 - site2.somedomain.com
Otherwise you will need to get a UCC (United communications certificate) that will be for both domains.
You will need to configure IIS 7 from the command line because the GUI doesn't support setting different host headers for the same certificate. This tutorial shows how it can be done.
I setup another website in IIS that points to the same files as the first web site, got another SSL cert for the new site.