Author Topic: SSL Certificates (Read 3917 times)

markster · « **on:** August 11, 2014, 09:01:01 AM »

I just purchased a Comodo SSL certificate for my app using the Lindersoft connection. I have received 4 crt files from Comdo: a Root certificate, 2 Intermediate certificates, and a [mydomainname] certificate. The online docs indicate that intermediate certificates should be copied into the [mydomainname] certificate (after the existing text). What about the Root certificate?

Also, I have my app running under port 88 for now to avoid any random website access. Since the certs are pointed at my domain name and the standard default port is 80, do I have to make that port change to 80 now?

Regards,

Mark

terryd · « **Reply #1 on:** August 11, 2014, 09:53:40 AM »

Hi Mark\Isn't the default address for ssl 443?

markster · « **Reply #2 on:** August 11, 2014, 12:40:44 PM »

Yes, you are correct that the default SSL address is 443. I am using the dual WebServer set up where it reads the 80 (or 88) port if the call comes in there and then transfers it to 443.

Mark

markster · « **Reply #3 on:** August 11, 2014, 02:09:48 PM »

More testing: I added the Root and Intermediate (2) certificate files' text to the [mydomainname].CRT file and installed the to my certificates subfolder. All my test browsers (Firefox, Explorer, Chrome) seem to connect OK. However they will only connect at [mydomainname].com. They will not connect if I enter www.[mydomainname].com. Why would that be?

Thanks,

Mark

Bruce · « **Reply #4 on:** August 11, 2014, 09:45:49 PM »

>> Since the certs are pointed at my domain name and the standard default port is 80, do I have to make that port change to 80 now?

DNS values do not include the port number. So while it's useful to run on port 80 (for unsecure) or port 443 for secure, that's not required.

your site could run on say port 444 and you would access it as
https://mydomainname.com:444

>> However they will only connect at [mydomainname].com. They will not connect if I enter www.[mydomainname].com. Why would that be?

if your certificate is for mydomain.com then it's for mydomain.com. Not www.mydomain.com or mark.mydomain.com or whatever.

If you want a certificate to do all the subdomains - ie essentially be fore *.mydomain.com then you need to purchase a "wildcard certificate" which (surprise, surprise) costs more.

cheers
Bruce

markster · « **Reply #5 on:** August 13, 2014, 09:42:13 AM »

Bruce, I deleted the secure WebServer from my app so it was running only on port 80 and then redeployed it to my host server at RackSpace. I can access the site from my browser with [mydomain].com but not with www.[mydomain].com. Clearly this has nothing to do with SSL, so there has to be something else wrong...

Mark

markster · « **Reply #6 on:** August 13, 2014, 09:55:34 AM »

Whoops

I found the error: I had to add an A DNS record for www.[mydomain].com.

Mark

NetTalk Central

Author Topic: SSL Certificates (Read 3917 times)

markster

SSL Certificates

terryd

Re: SSL Certificates

markster

Re: SSL Certificates

markster

Re: SSL Certificates

Bruce

Re: SSL Certificates

markster

Re: SSL Certificates

markster

Re: SSL Certificates