invalid security certificate and domain names - asp.net

I recently purchased a security certificate for a website valid for www.example.com but not for *.example.com (wildcard version - more expensive).
The problem I have now is that although users can type http://example.com, the secure version (SSL-enabled pages) https://example.com raises the invalid certificate exception - which is totally understandable.
How can I redirect HTTPS traffic to the www.example.com version before the request actually hits the server? I tried URL rewriting and redirects without any luck. Any ideas?
The website is built using ASP.NET and hosted on an IIS 7 server.
Thanks!

Spend another few bucks (~$30 at Godaddy) for a cheap cert for the shorter domain example.com.
It seems unlikely that a significant number of users are typing in https://example.com. If they are typing in an address they are probably using http:// or nothing. You should be able to set up 2 virtual hosts, one for http://example.com/, and one for http(s)://www.example.com. Redirect everything from example.com to www.example.com.
SSL is negotiated first, so there isn't really anything you can do to redirect connections from https://example.com to https://www.example.com if https://example.com has an invalid certificate.

Related

Nginx and Cloudflare: err_too_many_redirects

The error err_too_many_redirects appears in the browser, but nothing comes out in the nginx error log, and I just registered the site in Cloudflare. All traffic is redirected to HTTPS.
This error generally occurs in WordPress sites, which is due to a redirect header sent by PHP.
So this is due to the following reason:
You have enabled HTTPS redirect on your website either by nginx or PHP.
Cloudflare tries to open your site http://example.com and proxy it with https
When Cloudflare tries to open http://example.com, your site tells it to open https://example.com, and Cloudflare again tries to open http://example.com
This forms a redirect loop, due to which the site could not open.
The best way to solve this is:
Disable HTTPS Redirect from your server side.
Enable Flexible SSL from Cloudflare
Enter a page rule on Cloudflare with input as http://*.example.com to Always use HTTPS
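
The loop described in the answer above, reproduced as a small simulation. This is an added example, not part of the original answer; it assumes the proxy forwards the visitor's scheme in an X-Forwarded-Proto header, and all function names are hypothetical.

```python
from urllib.parse import urlsplit

def naive_origin(scheme, headers):
    """Origin redirects whenever the connection it sees is plain HTTP."""
    return None if scheme == "https" else "https"

def proxy_aware_origin(scheme, headers):
    """Origin decides from the visitor's scheme as reported by the proxy.
    Only safe when the origin accepts connections from the proxy alone,
    because any direct client could set this header itself."""
    seen = headers.get("X-Forwarded-Proto", scheme)
    return None if seen == "https" else "https"

def flexible_proxy(visitor_url, origin):
    """Edge proxy that terminates TLS and always contacts the origin over
    plaintext HTTP. Returns (status, location) as the visitor sees it."""
    u = urlsplit(visitor_url)
    headers = {"X-Forwarded-Proto": u.scheme}
    target = origin("http", headers)  # origin leg is never HTTPS in this mode
    if target:
        return 301, f"{target}://{u.netloc}{u.path or '/'}"
    return 200, None

def browse(url, origin, max_hops=10):
    """Follow redirects like a browser; return (outcome, redirects followed)."""
    for hop in range(max_hops):
        status, location = flexible_proxy(url, origin)
        if status == 200:
            return "ok", hop
        url = location
    return "too_many_redirects", max_hops

if __name__ == "__main__":
    start = "http://example.com/"  # constructed sample URL
    print("naive origin:      ", browse(start, naive_origin))
    print("proxy-aware origin:", browse(start, proxy_aware_origin))
```

The naive origin never sees an HTTPS connection, so it redirects every request; the proxy-aware origin redirects once and then serves the page.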

DNS for Meteor Galaxy

Can someone explain to me how I need to configure my DNS settings using Galaxy and HTTPS? I obviously have no problem doing this on a provider with a static IP, but on Galaxy I just can't get it to work using DNSimple.
I want the following setup:
http://example.com -> https://www.example.com
https://example.com -> https://www.example.com
http://www.example.com -> https://www.example.com
https://www.example.com -> https://www.example.com
Can someone please provide a TESTED and WORKING setup for this using FORCED HTTPS? Should I host my certificate on DNSimple or Galaxy? Should I add both domains on Galaxy? What will my ALIAS and CNAME record be?
I'm hosting on eu-west-1.galaxy-ingress.meteor.com.
Thank you!
The http:// and https:// are irrelevant to the DNS records; they are just telling your browser what protocol to use. example.com and www.example.com are two different Fully Qualified Domain Names (FQDNs), and both need A records to the static IP. So you would make a record on your root zone, # IN A static-ips (# means zone root, so equivalent to example.com. IN A static-ips), and you would need a second record for www (www. IN A static-ips). This will make sure both go to the right IP.
Now for the SSL certificate: the cert has to match the FQDN that the browser is trying to access, so if you only have a cert for example.com, then it will fail for www.example.com. If this is the case, you can make a new cert with the common name example.com and add the Subject Alternative Name (SAN) www.example.com to the cert during creation; this will make sure it works for both.
If you want users who access http://example.com to go to https://example.com, then that can't be done through DNS. Server side or client side, you will have to detect this and redirect to HTTPS, and depending on what you're using to host your app (e.g. Apache, Node, etc.), there will be more documentation on that.

how to redirect HTTPS url with server name to HTTPS url with SSL certificate name

My requirement is to redirect URL from https://abc/Testconnect to https://abc.xyz.com/Testconnect.
I am not able to redirect to https://abc.xyz.com/Testconnect and it is displaying as "The security certificate presented by this website was issued for a different website's address"
I am able to redirect from http://abc/Testconnect to https://abc.xyz.com/Testconnect.
Here xyz.com is the SSL certificate and abc is the machine where the application is deployed (the application is deployed in IIS of the machine abc).
I am trying to modify URL rewrite related code in the web.config file of the application to redirect the URLs.
Kindly let me know how to achieve it. Thanks.
You can't.
When you hit any HTTPS site, the first thing that happens (after the connection is established) is an SSL handshake, where the browser says to the server "give me the certificate for abc". That has to succeed before anything else can happen. Your IIS rewrite rules won't even be looked at unless the SSL handshake succeeds.
So if you want to redirect from https://abc to https://abc.xyz.com, then you need a valid certificate for abc.
See this page for a description of the SSL handshake. About halfway down there's a good diagram showing the back-and-forth communication. At the bottom of that diagram is "Exchange messages" where all the IIS/HTTP logic starts.
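
The point the answers above keep returning to (the certificate must cover the name the browser asked for before any redirect rule can run, and a SAN entry per name fixes that), as an added example that is not part of the original posts. The certificates are constructed samples in the dict shape that Python's ssl getpeercert() returns; the function names are hypothetical and the matcher is a simplified form of the RFC 6125 wildcard rules.

```python
# Added example: does a certificate cover the hostname the browser requested?
# Certificates below are constructed, in the dict shape returned by
# ssl.SSLSocket.getpeercert(); function names are hypothetical.

def san_dns_names(cert):
    """Return the dNSName entries of the subjectAltName extension."""
    return [v for kind, v in cert.get("subjectAltName", ()) if kind == "DNS"]

def name_matches(pattern, host):
    """Simplified RFC 6125 matching: case-insensitive, and '*' is accepted
    only as the whole left-most label, standing for exactly one label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False              # '*.example.com' never matches 'example.com'
    if p[0] == "*":
        return len(p) >= 3 and h[0] != "" and p[1:] == h[1:]
    return p == h

def handshake_ok(cert, requested_host):
    """True if the browser would accept the certificate for this host.
    Only then does the server get to send an HTTP redirect."""
    return any(name_matches(n, requested_host) for n in san_dns_names(cert))

CERTS = {  # constructed samples
    "www only": {"subjectAltName": (("DNS", "www.example.com"),)},
    "wildcard only": {"subjectAltName": (("DNS", "*.example.com"),)},
    "apex + www": {"subjectAltName": (("DNS", "example.com"),
                                      ("DNS", "www.example.com"))},
    "fqdn only": {"subjectAltName": (("DNS", "abc.xyz.com"),)},
}

def coverage(hosts):
    """Map each sample certificate to the hosts it serves without a warning."""
    return {label: [h for h in hosts if handshake_ok(cert, h)]
            for label, cert in CERTS.items()}

if __name__ == "__main__":
    hosts = ["example.com", "www.example.com", "abc", "abc.xyz.com"]
    for label, ok in coverage(hosts).items():
        print(f"{label:14} -> {ok}")
```

In the output, a certificate listing only *.example.com does not cover the bare example.com, and one issued for abc.xyz.com does not cover the short name abc.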

Godaddy URL redirect from HTTP to HTTPS

I host my website on Heroku and bought the domain from GoDaddy; here's how I set my DNS records
Records
A - # - Forwarded - 600 secs
CNAME - www - example.com.herokudns.com - 1 Hour
Forwarding
-- Domain --
Redirect to https://www.example.com
-- Subdomain --
example.com Redirect to https://www.example.com
www.example.com Redirect to https://www.example.com
Expected Behaviour
When I enter example.com or www.example.com, it should redirect to https://www.example.com
Result
Only example.com got redirected to https://www.example.com, www.example.com does not
What went wrong with my configuration?
You can't have www as a CNAME and also www as a redirect. If you have the www CNAME aliased to example.com.herokudns.com it's going to go directly to your app on Heroku and make a connection. Your app must be the one to force the redirect to https at that point. I don't know what language you are using, but if it's Rails then set config.force_ssl = true in production.rb.
If your domain is pointing at Heroku with an A and a CNAME record, then the "forwarding" settings on GoDaddy will have no effect. To implement forwarding, GoDaddy points the domain to their own servers.
Once you point the domain at Heroku, all HTTP to HTTPS redirects have to be implemented at Heroku. You can no longer use GoDaddy's forwarding. In any case, GoDaddy's URL forwarding is badly implemented and unreliable. You should never use it. See GoDaddy's 301 redirect/forwarding has some weird random middleman URL, kills link juice?
How to redirect HTTP to HTTPS at Heroku depends on what programming language you use. Basically, the redirect rule has to be programmed into your application. See their documentation for specific instructions for a variety of cases: Can Heroku force an application to use SSL/TLS? - Heroku Help
To actually use the Domain as the Web Address:
The A Record should be the IP Address
The CNAME only needs to be name: www value: #
Also I like to keep the TTL the same for the A and CNAME records.
Wait about an hour before testing to ensure the servers have propagated.
For Domain forwarding you only need to scroll down to Forwarding and select https or http (make sure that is correct). Then the web address/url to the home page.
Use a permanent redirect for SEO.

Redirect HTTP traffic to HTTPS for WordPress on IIS

I have a WordPress website on IIS. I have an SSL certificate set up for the site and that is working fine when I navigate to the site via https.
The problem is, I can still navigate to the site via regular http and of course I don't get the security of the SSL certificate.
How can I divert all traffic to the site that comes through http to the https?
Is this done via the web.config? I've tried all sorts, but nothing worked for me.
