I am going to set up secure hosting through my hosting company for a facebook app, I am wondering if it is possible to host multiple apps under one domain, one unique IP and one SSL certificate because multiple IPs and certificates cost more money and a wild card certificate is not an option.
Also let's say the content for app is under http://www.site.com/content/app1
when the SSL is added can the content be still under the same folder and accessed via
https://www.site.com/content/app1.
Thank you.
Not a problem. Just put them into separate subfolders on your server. When you setup your app just set the URL's to the subfolders.
Related
I’m using Plesk Obsidian and I need to host an application on it (a website builder).
On this application, users can create websites on subdomains, and the application will determines what website to show itself by checking the subdomain. Multiples main domain are available.
website1.domain1.com
website2.domain2.com
website3.domain3.com
All the main domains (domain1.com, domain2.com and domain3.com) and also all the subdomains must:
Go to the same directory in server
Be secured by a SSL certificate
Also, as users can also have a custom domain, I need to be able to add it and set the same directory in server and get a SSL certificate.
I’ve tried to create a service plan and a subscription and added the first domain (domain1.com) to it.
For the others domains, I’ve added an alias (domain2.com and domain3.com).
The problem is that I can’t add the wildcard for those 2 domains and have a wildcard SSL neither.
So accessing to anything.domain2.com result to a NET::ERR_CERT_COMMON_NAME_INVALID error.
For others domains set as alias, SSL need to be regenerated each time we add a new domain and they're are bonded to the main domain...
If it's not possible through Plesk interface, I'm not against build a custom script launched in command line.
However, I don't know were I can put those custom generated virtualhosts without risking to be erased on Plesk update.
You can set up a wildcard SSL as far as you use a CA that admits wildcards on the SAN (which nowadays are almost all of them).
Concretely, if you want free certificates issued by Let's Encrypt, you just need to follow the following steps:
Log in to Plesk
Install the Plesk extensions SSL It! and Let's Encrypt
Go to Domains > domain1.com > Hosting Settings
Make sure SSL/TLS support is enabled
Go to Domains > domain1.com > SSL/TLS Certificates
Click on Install > More options > Install a free basic certificate provided by Let's Encrypt
Select explicitly Secure the wildcard domain
Click on Get it free
Same for the rest of the domains.
I have two hosting accounts (Personal one and a work one). I am doing some testing and would like to create a subdomain of a work domain (manage.domain.com) and host it on my personal account. Currently, my personal host is through 1and1 and is dedicated while the work one is shared with GoDaddy.
Work
I have gone into go daddy and created the subdomain. I have also added DNS records such as A, AAAA AND NS (i did not record a CNAME). I have noticed that if is type manage.domain.com it is redirecting to my personal server. However, it is directing to the blank admin page of the root of the server (which is maintained using Plesk).
Personal
Using Plesk I added the website (domain.com) and created the subdomain (manage.domain.com). I have also updated the websites hosting access using Plesk and assigned it the default values of my personal account. Using Plesk I also set the subdomain to the particular location of the files I want to test. However, I cannot get my server to recognize the address and redirect it to the proper location.
Any help is greatly appreciated!
J
You can just create:
in personal account domain(not subdomain) manage.domain.com
on domain.com add DNS record of type A, name "manage" and IP address of personal hosting:
After that "manage.domain.com" will resolving to hosting of your personal account and can be accessed because such domain exists.
I figured it out
What i did above was correct expect do not change the name servers on the work DNS(godaddy).
Add the website to plesk - it will give you an error about not being able to control the DNS settings which you have already adjusted on the original server (godaddy)
Add a subdomain of the website.
*** Ensure the subdomain is pointed to the correct folder within your server
Done
I am working with a client who needs SSL on their Email and Web Site.
We have their site hosted on a Rackspace Cloud Site (Wordpress so Apache and all that jazz).
From what I can tell their Email is on an ISS server of their own.
They want to apply this SSL Cert they bought through GoDaddy and apply it to this email server and to the site on our hosting server. Now I am only a Web Developer with enough server knowledge to get sites launched and running, But I don't think you can apply the same SSL Cert on two different types of servers.
What would the solution be for this?
Would you purchase a second ssl? Is that even possible?
Sorry if this is a all completely wrong I am trying to use my limited knowledge of SSL to describe the situation.
I'm pretty sure you can use the same certificate if it's going on two servers as long as they are both using the same domain. You don't need to purchase a second ssl. The tricky part might be if the two servers require different certificate file formats.
Also, just do the CSR part on ONE of the servers (use the one you trust the most). On the other server just install the certificate bypassing the CSR part.
I am working on my first app for Facebook and facing (probably) with the SSL problem. If I am testing the app, so it's working well. But then I wanted to test the app by my friend - so I assigned him the role "Tester", he accepted it and I sent him the link to the app.
If he opened the app, he got the error The website is not available - Error 501 (net::ERR_INSECURE_RESPONSE): Unknown error
I started google it and it looks that the cause is the missing SSL certificate on my hosting, where the app is stored.
BUT - how is possible, that the app is working me well without the SSL and to my friend doesn't? If the SSL is required for Facebook apps, why I didn't get the same error?
(I set Secure Canvas URL: to https://example.com/fb-app-directory/, however I don't have at this domain and hosting any SSL certificate).
I never used before SSL. I bought the domain name on Namecheap and hosting on Hostgator. So now, I should buy a SSL certificate from the offer (http://www.namecheap.com/ssl-certificates.aspx) of Namecheap, right?
Would be suitable for the Facebook app the cheapest one?
Look, this SSL problem can only be solved by purchasing a valid SSL certificate or looking for a server which can host your app and is SSL certified such as:
phpfog.com - Provides you with some limited space and database service.
heroku.com - Does not provide any storage space for saving dynamically generated data. To have that service, you have to buy the Amazon buckets service which, again, is a costly affair.
If you don't want to invest any money, I would recommend that you go with phpfog - it is easy and its documentation is pretty good.
You should buy an SSL cert in order for everyone to be able to access your app. Your friend probably has his settings set so that he browses Facebook securely, in this case he is hitting https://example.com/fb-app-directory/, not your actual URL.
The cheapest one isn't the best one, but it should work as long as it's valid. I would suggest using Heroku though, as that way you get everything you need - for free :)
Use a proxy in heroku.com and bring your page in secure domain as https://yourapplication.herokuapp.com/
"Starting October 1, 2011 Facebook will require a valid SSL Certificate for all pages and applications hosted outside of Facebook."
http://www.wpcode.net/fb-ssl.html/
Maybe you are visiting your application with http://apps.facebook.com/... and your friend is visiting with https://apps.facebook.com/....
Another possibility is that your friend has checked "Browse Facebook on a secure connection (https) whenever possible" under "Account Security".
Try ngrok. It exposes a local web server with just one command:
ngrok 80
After this you can access your localhost like this: xxxxxxxx.ngrok.com
The quiz can't be viewed by any other users, unless the "Secure URL" is updated. But I can't figure out how to do that.
This simply means you must have an SSL certificate on the domain that hosts your canvas page. I would recommend rapidSSL.
Here is a general overview of what this entails: http://webnet77.com/SSL-certificates.html
Here is what we do:
get yourself host account with dedicated IP or better linux dedicated server
ask your host to generate Certificate Signing Request or do it yourself use openssl (don't know how to do it on windows)
get cheap ssl certificate (like rapidSSL) 9.90 per year or something just domain verification, google it.
send them your CSR
wait like 10 minutes
find your cert in your inbox attached
install it according to your server (Apache uses mod_ssl)
test it