Please advice needed SSL .htaccess
-
Hi everyone, I recently installed verisign ssl. the idea to have page https://example.com
all redirect from non-http to https work properly, but in IE whenever smbdy types https://www.example.com it shows the red screen with invalid certificate. If you click "proceed" - everything goes to normal page and on server redirect www to non-www seem to work fine. Is there way to get rid of the warning? Is it server or certificate issue?
Here is the peice of code from htaccess. Please, advice needed!
RewriteEngine On
RewriteBase /RewriteCond %{HTTPS} !=on
RewriteRule ^(.*) https://%{SERVER_NAME}/$1 [R,L]
RewriteRule ^index.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
Thanks in advance
-
Like I thought, you need to buy another certificate for https://www as it is considered another domain in modern browsers.
Thanks to all for responses
-
Thank you all guys, but Certificate installed correctly. I verified it several times with server administrator and VeriSign.
We have problems with intermediaries before but we fixed them.
As I understand the certificate is issued for "https://example.com", so whenever somebody types "https://www.example.com" it shows that certificate is not valid for this domain.
I am just about to find out, calling VeriSign
-
Thank you all guys, but Certificate installed correctly. I verified it several times with server administrator and VeriSign.
We have problems with intermediaries before but we fixed them.
As I understand the certificate is issued for "https://example.com", so whenever somebody types "https://www.example.com" it shows that certificate is not valid for this domain.
I am just about to find out, calling VeriSign
-
I wouldn't install the certificate to get around this problem. In fact, that could make things harder to fix because your browser has now been fixed but everyone else get a scary SSL error that drives them off. Your end user will not know how to install a certificate, nor should they need to.
You either need to fix this in Apache or your control panel software (if you use one).
-
It definitely sounds like your certificate is not installed correctly. I wouldn't worry about the htaccess until you have the SSL version working properly.
Something you might have missed is an intermediate certificate (sometimes called a CA certificate). That helps the end user browser validate the signature. I don't use Verisign so I don't know if they use one, but other SSL providers I use do.
-
Serge,
It sounds like the certificate is not properly installed on the server. The steps to install a Verisign SSL certificate are (from memory):
-
generate a CSR from your server. The method to do such varies based on your hosting setup. If you use WHM, there is an option within the panel. If none of this makes sense, contact your web host for guidance.
-
Verisign will provide you with the key. This key then needs to be installed on your server. You can do this via WHM or contact your web host provider.
-
Verisign has a tool which verifies the certificate has been properly installed. If the certificate is installed correctly, users will not see the warning you mentioned in IE nor any other browser.
-
htaccess is not related to the above process. What the change in htaccess allows you to do is ensure visitors can only view your site in https://
-
once the above is complete, you will want to review your code to ensure all images and other objects are presented only in https on secure pages. If you skip this step, users will receive a "not all items on this page are secure. Do you wish to view the unsecure objects" error.
-
now you can add your Verisign trust badge to your page(s)
Good Luck.
-
-
Thanks Harald. It is not about me, I don't want my visitors to run to the screen like that. I know that Bank of america had a problem like that, they fixes it.
Some other top websites still run like that on https
One friend today told me that you need to buy additional Certs or smth like that. I never worked with SSL before so this is smth that I need to find out.
I will call Verisign tomorrow and post here what they say
-
Hi Serge, First of all I want to SSL error is about the the certificate issue error & not of the server error.here I'm defining you the steps to fixed the error:
FIXED: Here’s how I fixed this problem (you do not need to buy or install any 3rd party certificates or software), the certification error is nothing to worry about. You can fix the error by following these steps:
1. Navigate to the page where you are presented with the Certificate Error and click on “Certificate Error” in the Address bar
2. Click on “View Certificates”
3. Click on “Install Certificate” and then Next
4. Select “Place all certificates in the following store” and click on Browse
5. Select “Trusted Root Certificate Authorities” and click on OK and then Next and Finish
6. Click on Yes and OK if you are asked whether you would like to install the certificate
7. Click on OK twice to exit windows and close and then open Internet ExplorerYou should no longer get the Certificate Error.
You can get more detailed information about how to fix this problem fromhttp://www.ubishops.ca/faqs/Cert.htm or http://www.brightvisions.co.uk/Secondly, the piece of code from htaccess ,Sometimes you may need to make sure that the user is browsing your site over securte connection. An easy to way to always redirect the user to secure connection (https://) can be accomplished with a .htaccess file containing the following lines:
RewriteEngine On RewriteCond %{SERVER_PORT} 80 RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]
Please, note that the .htaccess should be located in the web site main folder.
In case you wish to force HTTPS for a particular folder you can use:
RewriteEngine On RewriteCond %{SERVER_PORT} 80 RewriteCond %{REQUEST_URI} somefolder RewriteRule ^(.*)$ https://www.domain.com/somefolder/$1 [R,L]
The .htaccess file should be placed in the folder where you need to force HTTPS.
I hope that your query had been solved.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Deleting Tags Properly - Advice Needed
I have over 18,000 tags. Needless to say, most of them are relatively useless to the user and generate no traffic, while cluttering the site. (I use Wordpress.) My plan is to delete tags, but I want to do so safely as to not accumulate website errors. (Tags pages are noindexed.) What process should I take here? Here was my basic plan (any help is appreciated). 1. Find irrelevant tags that are connected with hardly any posts. 2. Go into the post, and remove said tag. 3. Now, with a tag having a 'count' of 0, I go into Tags, and delete it. Safe, right? But now it seems those tag pages just turned into 404s "Uh-oh...Page not found!" Where do I go from here? Create 410's? Thanks Mike
Technical SEO | | naturalsociety0 -
Huge increase in links to your site when moving to SSL
Hi My client has 2 websites that after moving them to SSL the number of links to your site in the search console increased in 10s of thousands. What can be the reasons?
Technical SEO | | digital19740 -
Our site recently switched from http to https. Do I still need to setup a redirect for the incoming links pointing to http?
Our site recently switched from http to https. If you type in the http://www.websitename.com then it will automatically go to https://www.websitename.com ... my question is... do I still need to create a redirect in the htaccess file to ensure we don't lose all the links currently pointing to the http version of the website?
Technical SEO | | ninel_P0 -
.htaccess Question
Hi,I have a website www.contractor-accounts.co.uk that has an .htaccess file that strips .php and forces a closing brace /. The site is now over 6 months old and still has a very low ranking with MOZ also rating the site as DA/PA = 1 which seems to indicate some sort of issue with the website. Can anyone offer any suggestions as to why this site is ranking poorly as much of the onpage SEO has been completed to a level of 90%+ for specific keyterms so I'm probably either looking at routing of the framework of so other technical SEO issues possibly? Any help much apreciated... <ifmodule mod_rewrite.c=""><ifmodule mod_negotiation.c="">Options -MultiViews</ifmodule> RewriteEngine On # Redirect Trailing Slashes...
Technical SEO | | ecrmeuro
# RewriteRule ^(.)/$ /$1 [L,R=301]
RewriteCond %{REQUEST_URI} /+[^.]+$
RewriteRule ^(.+[^/])$ %{REQUEST_URI}/ [R=301,L]
# Redirect non-WWW to WWW...
RewriteCond %{HTTP_HOST} ^contractor-accounts.co.uk [NC]
RewriteRule ^(.)$ http://www.contractor-accounts.co.uk/$1 [L,R=301] # Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]</ifmodule>0 -
Advice on Duplicate Page Content
We have many pages on our website and they all have the same template (we use a CMS) and at the code level, they are 90% the same. But the page content, title, meta description, and image used are different for all of them. For example - http://www.jumpstart.com/common/find-easter-eggs
Technical SEO | | jsmoz
http://www.jumpstart.com/common/recognize-the-rs We have many such pages. Does Google look at them all as duplicate page content? If yes, how do we deal with this?0 -
I need to know more clearance on rel=canonical usage than 301 redirects ?
Hi all SEOmozs, As we all know purposes of rel=canonical , I have a query to ask that If we don't have any possibility to use 301 redirects on a domain , can it be really right to use rel=canonical on an old domain to let search engine to treat those all pages should be not priority where the domain we are being promoted in the market to list up instead that. I found this interesting Matt Cutts video http://www.youtube.com/watch?v=gJK5Uloy76g where he has told or cleared the point very nicely, yes we can use it if there is no possibility in your older domain or pages. So here i am asking the same to know more detailed clarity on this so that i can be more confidence on it. I have been seeing issues in my domains where old one domain comes than new domain why with new domain contents, and can it be really very good to bring new domain with **rel=canonical without using 301 redirect :
Technical SEO | | Futura
Old : kanin.com (leaving) New : kangarokanin.com (promoting) Where i might have not used yet the rel=canonical in old domain, will be going to use it soon , after finishing this discussion.** Regards,
Teginder Ravi tcSnN.jpg tcSnN.jpg dGd34.jpg0 -
Duplicate index.php/webpage pages on website. Help needed!
Hi Guys, Having a really frustrating problem with our website. It is a Joomla 1.7 site and we have some duplicate page issues. What is happening is that we have a webpage, lets say domain.com/webpage1 and then we also have domain.com/index.php/webpage1. Google is seeing these as duplicate pages and is causing me some real SEO problems. I have tried setting up a 301 redirect but it wn't let me redirect /index.php/webpage1 to /webpage1. Anyone have any ideas or plugins that can be used to sort this out? Any help will be really appreciated! Matt.
Technical SEO | | MatthewBarby0 -
Ranked on Page 1, now between page 40-50... Please help!
My site, http://goo.gl/h0igI was ranking on page one for many of our biggest keywords. All of a sudden, we completely fell off. I believe I'm down somewhere between page 40-50. I have no warning or error messages in webmaster tools. Can anyone please help me identify what the problem is? This is completely unexpected and I don't know how to fix it... Thanks in advance
Technical SEO | | Prime850