NetTalk Central

Author Topic: SSL Certificates  (Read 3919 times)

markster

  • Full Member
  • ***
  • Posts: 204
    • View Profile
    • Email
SSL Certificates
« on: August 11, 2014, 09:01:01 AM »
I just purchased a Comodo SSL certificate for my app using the Lindersoft connection. I have received 4 crt files from Comdo: a Root certificate, 2 Intermediate certificates, and a [mydomainname] certificate. The online docs indicate that intermediate certificates should be copied into the [mydomainname] certificate (after the existing text). What about the Root certificate?

Also, I have my app running under port 88 for now to avoid any random website access. Since the certs are pointed at my domain name and the standard default port is 80, do I have to make that port change to 80 now?

Regards,

Mark

terryd

  • Hero Member
  • *****
  • Posts: 759
    • View Profile
    • Davcomm
    • Email
Re: SSL Certificates
« Reply #1 on: August 11, 2014, 09:53:40 AM »
Hi Mark\Isn't the default address for ssl 443?
Terry Davidson
Windows 10 64 bit/Windows7 64bit
Clarion 9.1.11529/Clarion10 12567
Nettalk 913
Nettalk 1015
StringTheory267/Winevent515/XFiles298/MessageBox239/Cryptonite186

markster

  • Full Member
  • ***
  • Posts: 204
    • View Profile
    • Email
Re: SSL Certificates
« Reply #2 on: August 11, 2014, 12:40:44 PM »
Yes, you are correct that the default SSL address is 443. I am using the dual WebServer set up where it reads the 80 (or 88) port if the call comes in there and then transfers it to 443.

Mark

markster

  • Full Member
  • ***
  • Posts: 204
    • View Profile
    • Email
Re: SSL Certificates
« Reply #3 on: August 11, 2014, 02:09:48 PM »
More testing: I added the Root and Intermediate (2) certificate files' text to the [mydomainname].CRT file and installed the to my certificates subfolder. All my test browsers (Firefox, Explorer, Chrome) seem to connect OK. However they will only connect at [mydomainname].com. They will not connect if I enter www.[mydomainname].com. Why would that be?

Thanks,

Mark

Bruce

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 11250
    • View Profile
Re: SSL Certificates
« Reply #4 on: August 11, 2014, 09:45:49 PM »
>> Since the certs are pointed at my domain name and the standard default port is 80, do I have to make that port change to 80 now?

DNS values do not include the port number. So while it's useful to run on port 80 (for unsecure) or port 443 for secure, that's not required.

your site could run on say port 444 and you would access it as
https://mydomainname.com:444

>> However they will only connect at [mydomainname].com. They will not connect if I enter www.[mydomainname].com. Why would that be?

if your certificate is for mydomain.com then it's for mydomain.com. Not www.mydomain.com or mark.mydomain.com or whatever.

If you want a certificate to do all the subdomains - ie essentially be fore *.mydomain.com then you need to purchase a "wildcard certificate" which (surprise, surprise) costs more.

cheers
Bruce

markster

  • Full Member
  • ***
  • Posts: 204
    • View Profile
    • Email
Re: SSL Certificates
« Reply #5 on: August 13, 2014, 09:42:13 AM »
Bruce, I deleted the secure WebServer from my app so it was running only on port 80 and then redeployed it to my host server at RackSpace. I can access the site from my browser with [mydomain].com but not with www.[mydomain].com.  Clearly this has nothing to do with SSL, so there has to be something else wrong...

Mark

markster

  • Full Member
  • ***
  • Posts: 204
    • View Profile
    • Email
Re: SSL Certificates
« Reply #6 on: August 13, 2014, 09:55:34 AM »
Whoops :o I found the error: I had to add an A DNS record for www.[mydomain].com.

Mark