Please advice needed SSL .htaccess
-
Hi everyone, I recently installed verisign ssl. the idea to have page https://example.com
all redirect from non-http to https work properly, but in IE whenever smbdy types https://www.example.com it shows the red screen with invalid certificate. If you click "proceed" - everything goes to normal page and on server redirect www to non-www seem to work fine. Is there way to get rid of the warning? Is it server or certificate issue?
Here is the peice of code from htaccess. Please, advice needed!
RewriteEngine On
RewriteBase /RewriteCond %{HTTPS} !=on
RewriteRule ^(.*) https://%{SERVER_NAME}/$1 [R,L]
RewriteRule ^index.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
Thanks in advance
-
Like I thought, you need to buy another certificate for https://www as it is considered another domain in modern browsers.
Thanks to all for responses
-
Thank you all guys, but Certificate installed correctly. I verified it several times with server administrator and VeriSign.
We have problems with intermediaries before but we fixed them.
As I understand the certificate is issued for "https://example.com", so whenever somebody types "https://www.example.com" it shows that certificate is not valid for this domain.
I am just about to find out, calling VeriSign
-
Thank you all guys, but Certificate installed correctly. I verified it several times with server administrator and VeriSign.
We have problems with intermediaries before but we fixed them.
As I understand the certificate is issued for "https://example.com", so whenever somebody types "https://www.example.com" it shows that certificate is not valid for this domain.
I am just about to find out, calling VeriSign
-
I wouldn't install the certificate to get around this problem. In fact, that could make things harder to fix because your browser has now been fixed but everyone else get a scary SSL error that drives them off. Your end user will not know how to install a certificate, nor should they need to.
You either need to fix this in Apache or your control panel software (if you use one).
-
It definitely sounds like your certificate is not installed correctly. I wouldn't worry about the htaccess until you have the SSL version working properly.
Something you might have missed is an intermediate certificate (sometimes called a CA certificate). That helps the end user browser validate the signature. I don't use Verisign so I don't know if they use one, but other SSL providers I use do.
-
Serge,
It sounds like the certificate is not properly installed on the server. The steps to install a Verisign SSL certificate are (from memory):
-
generate a CSR from your server. The method to do such varies based on your hosting setup. If you use WHM, there is an option within the panel. If none of this makes sense, contact your web host for guidance.
-
Verisign will provide you with the key. This key then needs to be installed on your server. You can do this via WHM or contact your web host provider.
-
Verisign has a tool which verifies the certificate has been properly installed. If the certificate is installed correctly, users will not see the warning you mentioned in IE nor any other browser.
-
htaccess is not related to the above process. What the change in htaccess allows you to do is ensure visitors can only view your site in https://
-
once the above is complete, you will want to review your code to ensure all images and other objects are presented only in https on secure pages. If you skip this step, users will receive a "not all items on this page are secure. Do you wish to view the unsecure objects" error.
-
now you can add your Verisign trust badge to your page(s)
Good Luck.
-
-
Thanks Harald. It is not about me, I don't want my visitors to run to the screen like that. I know that Bank of america had a problem like that, they fixes it.
Some other top websites still run like that on https
One friend today told me that you need to buy additional Certs or smth like that. I never worked with SSL before so this is smth that I need to find out.
I will call Verisign tomorrow and post here what they say
-
Hi Serge, First of all I want to SSL error is about the the certificate issue error & not of the server error.here I'm defining you the steps to fixed the error:
FIXED: Here’s how I fixed this problem (you do not need to buy or install any 3rd party certificates or software), the certification error is nothing to worry about. You can fix the error by following these steps:
1. Navigate to the page where you are presented with the Certificate Error and click on “Certificate Error” in the Address bar
2. Click on “View Certificates”
3. Click on “Install Certificate” and then Next
4. Select “Place all certificates in the following store” and click on Browse
5. Select “Trusted Root Certificate Authorities” and click on OK and then Next and Finish
6. Click on Yes and OK if you are asked whether you would like to install the certificate
7. Click on OK twice to exit windows and close and then open Internet ExplorerYou should no longer get the Certificate Error.
You can get more detailed information about how to fix this problem fromhttp://www.ubishops.ca/faqs/Cert.htm or http://www.brightvisions.co.uk/Secondly, the piece of code from htaccess ,Sometimes you may need to make sure that the user is browsing your site over securte connection. An easy to way to always redirect the user to secure connection (https://) can be accomplished with a .htaccess file containing the following lines:
RewriteEngine On RewriteCond %{SERVER_PORT} 80 RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]
Please, note that the .htaccess should be located in the web site main folder.
In case you wish to force HTTPS for a particular folder you can use:
RewriteEngine On RewriteCond %{SERVER_PORT} 80 RewriteCond %{REQUEST_URI} somefolder RewriteRule ^(.*)$ https://www.domain.com/somefolder/$1 [R,L]
The .htaccess file should be placed in the folder where you need to force HTTPS.
I hope that your query had been solved.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
This my site i want rank in doubi any advice for me
this my site i want rank in doubi any advice for me http://alsuntranslation.com/
Technical SEO | | ATS_SEO0 -
Ecommerce website - Transition from one subdomain to another. Please help!
Hi MOZers, I have an ecommerce website with its mobile version of the site sitting in a subdomain. It is going to be transferred to another subdomain on the same website. How do I ensure that I save/carry over most of the traffic, authority and equity to the new sudomain? At the moment, we are not looking to get rid of the subdomain but maybe later, yes. Malika
Technical SEO | | Malika10 -
Is anyone able to check this 301 redirect for errors please?
Hi, I had a developer write a 301 wildcard for redirecting old hosted site to a new domain. Old URLS looked like /b/2039566/1/akai.html
Technical SEO | | Paul_MC
With varying letters & numbers. I have 26,000 crawl errors in GWT and I can only imagine it's because this is looping?
Can anyone advise if this would be causing grief? Thanks
Paul RewriteCond %{HTTP_HOST} ^vacuumdirect.com.au$ [OR]
RewriteCond %{HTTP_HOST} ^www.vacuumdirect.com.au$
RewriteRule ^/?$ "http://www.vacuumbag.net.au/vacuum-cleaners.html" [R=301,L] <ifmodule mod_rewrite.c="">RewriteEngine On
RewriteBase /
RewriteRule ^p/([0-9]+)/(.*) default/$2 [R=301,L]</ifmodule> <ifmodule mod_rewrite.c="">RewriteEngine On
RewriteBase /
RewriteRule ^c/([0-9]+)/1/(.*) default/vacuum-bags/vacuum-cleaner-bags-$2 [R=301,L]</ifmodule> <ifmodule mod_rewrite.c="">RewriteEngine On
RewriteBase /
RewriteRule ^p/([0-9]+)/(.*) $2 [R=301,L]</ifmodule> <ifmodule mod_rewrite.c="">RewriteEngine On
RewriteBase /
RewriteRule ^c/([0-9]+)/(.*) default/$2 [R=301,L]</ifmodule>0 -
Pointing a sub-domain to a sub-folder in htaccess
I have a client who currently uses shopify for there blog. I want to set them up with a separate blog away from the shopify system and host it in Australia. I know the best option is using a subfolder but as the shopify system is an unmoveable CMS can I somehow point my subdomain to a subfolder and get the benefits of the domain name? I could do this by using the rewrite rule in the htaccess file. If I was to do this would it end up cloaking the URL's of the articles?
Technical SEO | | acs1110 -
Removing URL Parentheses in HTACCESS
Im reworking a website for a client, and their current URLs have parentheses. I'd like to get rid of these, but individual 301 redirects in htaccess is not practical, since the parentheses are located in many URLs. Does anyone know an HTACCESS rule that will simply remove URL parantheses as a 301 redirect?
Technical SEO | | JaredMumford0 -
I need help with a PHP canonical URL tags
I found a little difficult for me to do a canonical tag in my PHP. On-Page Report Card We check to make sure that IF you use canonical URL tags, it points to the right page. If the canonical tag points to a different URL, engines will not count this page as the reference resource and thus, it won't have an opportunity to rank. If you've not made this page the rel=canonical target, change the reference to this URL. NOTE: For pages not employing canonical URL tags, this factor does not apply. I don't know how to tidy my PHP Any suggestion.
Technical SEO | | lnietob0 -
Limits to 301 in htaccess?
I'm about to launch a redesign of my company's main website, and we've updated most of the URLs to be more user friendly and SEO optimized. I've just finished editing my spreadsheet, and see that I'll need to implement 244 redirects. My question is: Are there performance issues with loading your .htaccess file up with almost 250 301 redirect commands? I've heard a bloated htaccess file can really slow down apache, should I be approaching this a different way, maybe with php?
Technical SEO | | AdoptionHelp0 -
Joomla 1.7 sef404 advice please
Hi not sure if anyone uses joomla on here but if they do i would love there advice. I have just got a joomla site that is joomla 1.7 but i cannot find a sh404sef component to make the url friendly and would like to know if there is a component out there or if you can use an older one. I would have thought by now that they would have installed one with joomla 1.7 If anyone uses joomla, then i would be glad to hear from you.
Technical SEO | | ClaireH-1848860