I have a static IP and a web server in my network. I have made a NAT to forward calls to the IP in the web server (IIS 7.5 on windows 7). But I need to use https. For this reason I have to buy a certification and apply it to web server. I am totally new to certifications. How can I do this. Buying a certification and apply it.
Related
Currently, two different websites are hosted on different ports in the same server IIS8. Now we would like to move those websites on HTTPS 443 in the same server IIS and two different domains are available www.example1.com, and www.example2.com thus which type of SSL certificate need? Does the different certificate work for each?
IIS 8 and above supports SNI, so multiple sites can bind to the same IP:443,
https://learn.microsoft.com/en-us/iis/get-started/whats-new-in-iis-8/iis-80-server-name-indication-sni-ssl-scalability
If you find your attempts fail, you can go deep to Windows HTTP API layer to see if you get SNI certificate mappings configured properly,
https://docs.jexusmanager.com/tutorials/https-binding.html#background
or generate a diagnostics report,
https://docs.jexusmanager.com/tutorials/ssl-diagnostics.html
There isn't special requirements on certificates as long as they are valid for server authentication.
You can use the 443 port with both different websites in iis with different domain names and server Name identification setting
you can buy any trusted root CA server certificate for your domain and you have to buy two different certificates.
I have a new laptop. I am connected from my home wifi network via VPN to my company network. In the old one when I enable manual proxy (needed for some scan app to record internet traffic) there are no issues. In the new one once I change to manual proxy, access to all internet and intranet sites fail due to non trusted certificates (no issue when not using manual proxy). The failures are the same in all browsers. Both laptops have windows 10.
"security certificate is not trusted by your computer's operating system"
Your PC doesn’t trust this website’s security certificate.
The hostname in the website’s security certificate differs from the website you are trying to visit.
Error Code: DLG_FLAGS_INVALID_CA
DLG_FLAGS_SEC_CERT_CN_INVALID
Any idea?
Now I installed xampp in Amazon Windows Server 2012 R2 and followed more than one way including that How to Create Valid SSL in localhost for XAMPP but it worked for me Only the virtual system but in public it doesn't appear to be secure
here photo on my own pc not rdp amazon in rdp amazon i see him secure Is there a way to make all computers
Sorry for the way to explain the problem, the important thing now is to make anyone who enters the forum find ssl
I'm hosting a website on Windows Server 2012 R2. I'm able to access the site with no problem via the assigned ip address and as long as I'm on my home network. However, when I try to access the site using a public ip address, it defaults to my NAS (MyBookLive).
Baffled.
Thanks.
This is intentional.
When a user connects to your ip address, any inbound requests are blocked for security. You would need to open ports on your home router (most likely 80 and 443) and direct the traffic to an internal ip address.
Even if you do this, it is very likely that it would not work. Most residential internet providers do not allow you to host web/mail servers on the internet. If someone compromises your webserver, they would have access to your entire network.
You are better off with a dedicated hosting provider (AWS, Amazon, Google Cloud).
I am working to setup my application to watch calendar events through Google's Calendar API. In doing so I must setup a "Push" endpoint on my server that has a valid SSL certificate (not self-signed).
My production environment is running on Heroku so setting up an SSL cert was easy using Expidited SSL. I have two CNames setup in GoDaddy, one for my production application and one for my development environment tunneled through ngrok. I'm using the paid ngrok feature of white labeled domain tunneling (dev.mydomain.com).
Host Points To
www saga-1234.herokussl.com
dev ngrok.com
The problem is that my ssl certificate is recognized when you hit the production application (www.mydomain.com), but it uses ngrok's certificate when you visit the development application (dev.mydomain.com).
How can I setup my ngrok tunnel to use my ssl certificate?
Ngrok's white labeled domain does not support HTTPS if you are using your own domain. Simply because it serves it's own certificate, where you need to serve your domain's. That's why you are getting certificate mismatch issue.
Here's what you could do to watch calendar events on your dev machine:
Point ngrok.mydomain.com to another server, let's say a new EC2
micro instance
Point wildcard CNAME to ngrok.mydomain.com
Compile ngrok server and client to use your certificate (rather than
ngrok.com)
Run the ngroku-server on EC2 instance
On your dev machine config the client to use ngrok.mydomain.com instead of ngroku.com
Run ngrok -subdomain=dev 80
Your local dev machine's 80 port should be accessible via https://dev.mydomain.com
This is really cool and is very helpful when debugging Google's webhooks, which require valid HTTPS and a verified root domain name.
Another interesting trick is to use CloudFlare's universal SSL to have a valid https://dev-machine.mydomain.com pointing to your dev machine without purchasing a certificate. The steps are exactly the same except that you need to issue your own certificate for ngrok client-server communications and use CloudFlare's Flex SSL for dev-machine.yourdomain.com.
ngrok has a new feature that tunnels and terminates SSL. Thus you can use your own domain and HTTPS. No need to open ports in your router or PC. They call it TLS Tunneling. The following is a link to a GitHub repos that describes how to do it.
How to use your own domain to access your home PC over the internet. Use HTTPS without raising SSL errors.