Announcement

Collapse
No announcement yet.

SSL setup

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Trevor Hannant
    replied
    And a green bar here for me..

    Leave a comment:


  • Wayne Luke
    replied
    Originally posted by Mark.B View Post
    If this is the site in your license, I can see the company name in IE11 fine.
    Same for me.

    Leave a comment:


  • Mark.B
    replied
    If this is the site in your license, I can see the company name in IE11 fine.

    Leave a comment:


  • Glenn Vergara
    replied
    When you view the details of the SSL certificate in IE and Edge, does it have a message saying what might be wrong with the certificate?

    Leave a comment:


  • jdj
    replied
    Originally posted by Glenn Vergara View Post
    I don't think this issue is related to htaccess. I think it's more of the browser not trusting your SSL certificate vendor.

    https://security.stackexchange.com/a/37368

    Here's what answer #2 says:
    I doubt it; the vendor is Comodo so I'd be surprised if that's what the problem is. What I can't figure out is that it works on some machines and not others. I've cleared every cache I can think of but it makes no difference.

    Leave a comment:


  • Glenn Vergara
    replied
    I don't think this issue is related to htaccess. I think it's more of the browser not trusting your SSL certificate vendor.

    https://security.stackexchange.com/a/37368

    Here's what answer #2 says:

    The problem here is likely that your browser doesn't trust your SSL certificate vendor. It's possible that you have messed up the configuration somewhere (chain certificates can be troublesome) but it will be hard for us to figure that out without you posting a URL here.

    Try clicking on the lock then clicking on the Connection tab and then Certificate Information (as I have done in the second screenshot). Hopefully that screen will tell you what Chrome thinks is wrong about your certificate.

    The browsers do behave differently with regards to many aspects of SSL/TLS and especially when it comes to EV certificates.

    Leave a comment:


  • jdj
    replied
    Originally posted by Wayne Luke View Post
    If that works in some browsers and not others, then it points to being a browser issue. Since Internet Explorer is not undergoing new development and has basically been abandoned by Microsoft due to the new Edge Browser, I would say it won't support all new features. Microsoft is only keeping IE around for legacy corporate applications.

    I think the important issue here is if IE is showing the site as secure or not. Not whether it shows green in the address bar.
    It's the same in Microsoft Edge - EV doesn't show.

    The reason why you go for EV SSL is so that users know which business they are dealing with. That's why the banks do it.

    Leave a comment:


  • Wayne Luke
    replied
    If that works in some browsers and not others, then it points to being a browser issue. Since Internet Explorer is not undergoing new development and has basically been abandoned by Microsoft due to the new Edge Browser, I would say it won't support all new features. Microsoft is only keeping IE around for legacy corporate applications.

    I think the important issue here is if IE is showing the site as secure or not. Not whether it shows green in the address bar.

    Leave a comment:


  • Mark.B
    replied
    Originally posted by jdj View Post

    Extended Validation SSL - it shows a green bar in the browser with the name of the company in whose name the domain is registered for extra security.

    Example here.

    https://bank.barclays.co.uk/olb/auth/LoginLink.action
    This isn't something we've tested or investigated. Can't see any reason why it wouldn't work though.

    Leave a comment:


  • jdj
    replied
    Originally posted by Wayne Luke View Post
    What is an EV SSL?
    Extended Validation SSL - it shows a green bar in the browser with the name of the company in whose name the domain is registered for extra security.

    Example here.

    https://bank.barclays.co.uk/olb/auth/LoginLink.action

    Leave a comment:


  • Wayne Luke
    replied
    What is an EV SSL?

    Leave a comment:


  • jdj
    replied
    My host suggested this:

    QUOTE:

    Based on a search, to force all web traffic to use HTTPS, you should be able to use the below in your htaccess file

    RewriteEngine On
    RewriteCond %{SERVER_PORT} 80
    RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]

    To force traffic for a specific domain to use HTTPS, you would use

    RewriteEngine On
    RewriteCond %{HTTP_HOST} ^example\.com [NC] RewriteCond %{SERVER_PORT} 80 RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]

    With regards to the 404 errors you are seeing, this may be a result of the order of the rewrite rules - they are called in the order in which they appear in the htaccess, so you may need rearrange the existing rewrite rules you have set up to get it to work as intended.

    END QUOTE:

    The 2nd suggestion didn't seem to do anything at all. The first does seem to redirect all traffic to https but we have an EV SSL. When I view the site in Firefox I see the EV SSL, when I view it in IE I don't. So given that this partly works, what would I have to do to get IE to show the EV SSL as well?

    Leave a comment:


  • jdj
    replied
    Originally posted by Mark.B View Post
    If it helps, I use this and it works fine:
    Code:
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
    That gave me a tab saying 302 found and a white page saying
    Found

    The document has moved here.
    Apache Server at [mysite.com] Port 80

    Leave a comment:


  • Mark.B
    replied
    If it helps, I use this and it works fine:
    Code:
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

    Leave a comment:


  • Wayne Luke
    replied
    It should redirect everything to HTTPS. If you're getting 404 errors, you need to discuss this with your hosting provider as this is a server directive. We are only providing it as a courtesy. They may need different directives based on their server configurations.

    Leave a comment:

Related Topics

Collapse

Working...
X