I have a several web sites running on a shared hosted server.
Every site except one I can enter in my browser https://webmail.example.com or http://webmail.example.com and they both work and resolve to the secure or insecure pages accordingly.
On the one site the page resolves correctly for regular http but I get a "404 Not found" error when I try https for the webmail subdomain of that site. https://myexample.com does work for all pages on that site (without the webmail subdomain).
All of the DNS settings are the same for all of the sites. There is a CNAME record webmail.example.com --> examplecom. None of the sites have a "proper" subdomain setup where the subdoman points to a directory, just the DNS setting. The SSL Status reports that the SSL cert for the webmail subdomain is valid.
Im not sure what else to check or how webmail ultimately get pointed to the webmail page.
Related
I am trying to get SSL working on a Windows server that is hosting our Umbraco sites. We have numerous sites all working within the same Umbraco installation and I have done the binding of the main domain to the SSL certificate on the server and set umbracoUseSSL to true. I have also added the domain with the https part to the culture and hostnames in umbraco.
The above is not working when I type my domain with the https?
My question is since I have not placed a UrlReWrite redirect from http to https is this the reason why I cannot see my website with the https or is it to do with something else?
I have a heroku app running on app.domain.com
I have a different app (strikingly landing page) running on www.domain.com
I turned on cloudflare for my domain.com and want to get SSL working. I've tried the flexible SSL cert.
However, when I request https, I get SSL errors (curl -I gives no alternative certificate subject name matches target host name).
The SSL cert appears to say "Active" on my Cloudflare console, and I've set up Page Routing for http://domain.com to Always use HTTPs
On the DNS page of Cloudflare, I hit the orange icon on the row for www and app to have them "enabled" but then I just get Invalid URL The requested URL "[no URL], is invalid." when hitting the site.
I'm trying to redirect all https traffic to http using this in Sinatra
get "*" do
if request.secure?
redirect request.url.gsub(/^https/, "http")
else
pass # continue execution
end
end
However, on a custom domain on heroku, my browser shows me the error:
This is probably not the site you are looking for!
You attempted to reach www.[domain].com, but instead you actually reached a server identifying itself as *.heroku.com.
My DNS is configured with the www subdomain having a CNAME pointing to [domain].herokuapp.com as per https://devcenter.heroku.com/articles/custom-domains
Is this a DNS issue? Is buying a SSL certificate the only way to allow all https traffic to redirect to http, on heroku?
If you were going to use that code then I'd make it a before filter, as that's really what it is.
However, if you've received a request at the application layer (which is where your Sinatra app sits on Heroku) then you need a certificate because the HTTP layer (where the Nginx proxy servers that deal with this sit) has already received the request and will attempt to deal with it as a secure connection but fail/raise an error because there's no certificate. That is the message you'll get if you try and reach an non SSL page/site via the https URI scheme. You can still access the site but the user has to click past a scary warning.
The only way I know of that may work without a certificate (but looking at this answer probably not) is if you had access to the Nginx configuration and did the rewrite of the URL (and probably some headers) there.
So I purchased a domain from 1and1, say it's www.mysite.com, and am hosting my app on Heroku myapp.herokuapp.com. I have two options for forwarding the domain - HTTP and Frame. HTTP forwarding seems to just redirect my URL from www.mysite.com to myapp.herokuapp.com, which isn't what I want. But I am having a problem with Frame redirecting - if I navigate on my site to various pages (e.g. myapp.herokuapp.com/users), it will still say www.mysite.com on the top, but not www.mysite.com/users. How can I get the URL path to display correctly?
You don't want to use the (i)frame method - it's bad practice and you'll get the issues you're having now.
What you probably want to do is:
Attach www.yourdomain.com to your Heroku app (via the web interface or the CLI[1])
Set up a CNAME record to point www to yourapp.herokuapp.com with your DNS provider, or use the Zerigo DNS[2] add-on if you don't have DNS hosting already (sounds like you do)
(Optional) Set up a re-direct to direct http://yourdomain.com to http://www.yourdomain.com, via your DNS provider/domain registrar - this is optional, but useful as Heroku does not recommend pointing your root domain (yourdomain.com) to their A records in case they change.
(Optional) Re-direct http://myapp.herokuapp.com/ to http://www.yourdomain.com/ from within your application code or similar (e.g. config.ru if you're using Rack to serve your content)
[1] https://devcenter.heroku.com/articles/custom-domains
[2] https://addons.heroku.com/zerigo_dns
I'm developing on Heroku a site with a couple of subdomains. One of them is signup (as in signup.myapp.com) which requires SSL access -- of course! But the rest of the subdomains, such as www, do not require https to access.
The problem is that the client only purchased an SSL certification for signup.myapp.com. This means that, when a user tries to access other places of my site with https (such as https://www.myapp.com), SSL certification does not validate and browsers tell the user that the site could be malicious... not good for branding.
I tried to make the site redirect from https to http, but of course this failed, because SSL was checked before the redirect could be sent.
Is there a way that I can deny access to these places of my site from https, so that users encounter, for instance, a 404 page instead? Or, do you know of any other ways to handle this situation? (the client is reticent to acquire a new SSL certificate, specially a wildcard certificate).
Unfortunately, you need a certificate for each of the domains (or a wildcard one as you mention), see e.g.:
How to redirect https to http without any SSL Certificate
The problem is that certificate is the first thing checked, way before anything else happens. If that fails, browser will typically display "get me out of here!"-kind of notification. There's no built in support for SSL-to-non-SSL transition.
You can shut down https://www.example.com (i.e. make your Web server not listen on port 443), but that of course won't yield a 404, also bad for branding.
With just one non-wildcard certificate, the only thing you can do is put all the pages under that domain. I.e. instead of https://signup.example.com/a/b/c, you need to do https://www.example.com/signup/a/b/c or something along those lines.
On the other hand, you can buy the certificate for under $100/year (or $150 total for 2 years) at GoDaddy:
http://www.godaddy.com/ssl/ssl-certificates.aspx
so, depending on your context, it might just pay off to pay this instead of doing any additional development.