Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 4 years ago.
Improve this question
Please can you advise whether we need a wildcard SSL or 2 separate SSL certificates?
My domain DNS A records are:
mydomain.com /
*.mydomain.com
We have built an application with Zend Framework which will alter routes and create subdomains for 1000's of users like user.mydomain.com
You'd need a wildcard certificate. A standard SSL certificate verifies a SINGLE dns hostname, like "www.domain.com". You'd need a separate certificate for EACH of your individual user hostnames, which will probably bankrupt you and make godaddy/verisign very happy.
I believe Marc is wrong here. I have a zend application that secure multiple subdomains using a single wild card ssl certification. The only issue is that all the subdomains have to be under the same root domain. You can't mix different subdomains with different domains.
For example, user1.mydomain.com or user2.mydomain.com.
In apache, you should set a catch all for the ssl port and you're good to go!
<VirtualHost *:443>
ServerName admin.mydomain.com
ServerAlias *.mydomain.com
DocumentRoot /var/www/public
SSLEngine on
SSLCertificateFile "/Applications/MAMP/conf/apache/server.crt"
SSLCertificateKeyFile "/Applications/MAMP/conf/apache/server.key"
</VirtualHost>
Wildcard SSL is relatively expensive, considering you only have 2 sub domain, it's better to use multi-san ssl which are used to secure 2 domain (or sub domain) only. The latter one is much cheaper.
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 4 years ago.
Improve this question
I am new to SSL.
Right now I am developing an cordova mobile application.
According to digicert tutorial, there are 5 steps for ssl handshake(? I am not sure if this is right terminology)
Browser connects to a web server (website) secured with SSL (https). Browser requests that the server identify itself.
Server sends a copy of its SSL Certificate, including the server’s public key.
Browser checks the certificate root against a list of trusted CAs and that the certificate is unexpired, unrevoked, and that its common name is valid for the website that it is connecting to. If the browser trusts the certificate, it creates, encrypts, and sends back a symmetric session key using the server’s public key.
Server decrypts the symmetric session key using its private key and sends back an acknowledgement encrypted with the session key to start the encrypted session.
Server and Browser now encrypt all transmitted data with the session key.
I am trying to send a request to a backend server which is secured with SSL. Is there any extra step that I have to implement in order to do steps 1-5 or is all I have to do changing the url from http to https? If I send a request to https://url, Are steps 1-5 going to be done automatically?
The SSL Handshake steps you have explained are perfect and in a proper queue. You do not need to implement any extra step.
The SSL Handshake process will be held between the browser and server, If the genuine SSL installed properly in the server, the browser will complete the handshake process without falling for any error.
I feel like this is pretty straight forward but struggling to find a clear answer.
All I need to do is point example.com/path to a different server and keep example.com/path as the URL.
My question is: does the receiving server need to have its own domain to receive the redirect?
So, for example I would use a sub domain and point example.com/path -> sub.example.com/path?
How would I do this? Or is there a cleaner way?
We've been advised to keep the path as is (example.com/path) for SEO and not use a sub-domain (although, I suppose it's fine for redirect purposes).
Add this to your main site's Virtual Host configuration:
ProxyRequests Off
ProxyPass /path http://any.other.example.com/path
ProxyPassReverse /path http://any.other.example.com/path
For this you need to have mod_proxy enabled, with this line in your httpd.conf:
LoadModule proxy_module modules/mod_proxy.so
(but I believe it is enabled by default)
I have two domains that are both hosted on the same server. Therefore, they both have the same index.html page, and they share all of the other pages. This means that there are two ways to access every file stored on the server:
domain1/file
And
domain2/file
Is there a way to redirect the user to the respective domain1 URL whenever they go to a domain2 URL? The catch is that I only want to redirect if a domain2 URL is gone to.
How can I achieve this programmatically?
Just because you have two domains running on one server does not mean they have to share index.html. The way around this is by using Virtual Hosts. You didn't mention which web server type you are using, so I'll give you an apache example:
<VirtualHost *:80>
DocumentRoot /www/example1
ServerName www.example.com
# Other directives here
</VirtualHost>
<VirtualHost *:80>
DocumentRoot /www/example2
ServerName www.example.org
# Other directives here
</VirtualHost>
This allows you to have two directories, each serving as a root path for each domain. You'd put the domain1 files in /www/example1, and the domain2 files in /www/example2, in this example. There are some other configuration options you may need, but again depending on your setup, they could vary greatly.
If you are using IIS, there's a writeup over on Server Fault that has information on how to perform that. (This question probably belongs there anyway).
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 8 years ago.
Improve this question
If I was needing a secure contact form that uses SSL to encrypt/secure a contact email form would I need an actual SSL certificate or would CloudFlare's Flexible SSL be enough?
According to Cloudflare, Flexible SSL only provides SSL between the visitor and CloudFlare. Therefore visitor sees HTTPS on your site, but there will be no SSL between CloudFlare and your web server. However your visitors will still see the site as being HTTPS enabled. But This doesn't mean that you will get secure connection all the way from client to server. If you really need security, go with cloudflare's Full SSL or Full SSL (Strict). In that case You'll need to have a valid SSL certificate installed on your web server.
References : SSL at CloudFlare
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 11 years ago.
Improve this question
note: I'm working on wordpress but this isn't a wordpress question.
I have a wordpress site sitting on my local machine and I need it to send emails to newly registered users.
I managed doing it with a plugin.
As a mail server I'm using the SMTP server of the host of my online websites (justhost).
The settings I'm using are:
SMTP Host: mail.mydomain.com
SMTP Port: 2626
Authentication: SMTP authentication
username: my username on justhost
password: my password on justhost
In the Encryption setting I chose no encryption, since this is the only way I managed sending a mail. SSL encryption didn't work.
So my question is: is this unsafe? Are the message contents exposed?
And more importantly - are my username and password exposed?
If there is an attacker between you and your SMTP server he can intercept the message. And I think your password is exposed too.
But why don't you simply look into your traffic with wireshark?