Author Topic: SSL Certificate and secure site  (Read 1767 times)

0 Members and 1 Guest are viewing this topic.

Offline PaulMy

  • Forecaster
  • *****
  • Posts: 4133
    • KomokaWeather
SSL Certificate and secure site
« on: March 08, 2018, 10:38:30 AM »
Is it as easy as buying the SSL certificate and then editing .htaccess as GoDaddy says?   https://ca.godaddy.com/help/redirect-http-to-https-automatically-8828??v=1

Paul
Davis Vantage Pro 2 Plus 24-FARS Wireless
Envoy/USB DataLogger/Cumulus v.1.9.4   -   Vue Console/WiFiLogger
Komoka, ON  Canada
www.komokaweather.ca   www.komokaweather.com   www.komokaweather.com/weather28/   www.komokaweather.com/pws/index.php
Blitzortung Station #1076 www.lightningmaps.org/blitzortung7/america/index.php?bo_page=statistics&bo_show=network&lang=en&bo_station_id=969

Offline wvdkuil

  • Wim van der kuil
  • Forecaster
  • *****
  • Posts: 1282
    • My PWS at Leuven Belgium Europe
Re: SSL Certificate and secure site
« Reply #1 on: March 08, 2018, 11:16:14 AM »
Is it as easy as buying the SSL certificate and then editing .htaccess as GoDaddy says?   https://ca.godaddy.com/help/redirect-http-to-https-automatically-8828??v=1

Paul
No, you have to check all pages if they contain links to http files, javascript for graphs and the like.
Normal http images will only give the "unsecure' warnings, but http javascripts and iframes will  only show white areas on the pages.

Step 1: have a https certificate
Step 2: all visitors  still go to the http site
Step 3; you check every part of all your sites it there is an error (in chrome inspect => console tab) and check if you can find https sources
When all is OK => switch to htpps with the  htaccess but only AFTER you made a solution for thos pages you still want to show but which will not work under https.

Yes. it is doable, but take far more work then the sellers of https talk about,

Wim
Development and maintenance of Leuven-Template&Scripts  at: https://support.leuven-template.eu/
My PWS at home https://weer.sluispark.be/
And at my daughters house https://www.weerstation-herent.be/

Offline PaulMy

  • Forecaster
  • *****
  • Posts: 4133
    • KomokaWeather
Re: SSL Certificate and secure site
« Reply #2 on: March 08, 2018, 01:45:50 PM »
Thanks Wim.
GoDaddy had called to warn me of the upcoming issues on unsecured sites.  I can get the Standard UCC SSL for up to 5 domain sites.   

I understand that I can add my sites one at a time as SSL secured so maybe the best way is to buy and start with adding one domain at a time.  I have 3 domains for not-for-profit organizations that have very simple websites so not too difficult to experiment with these first before I go to the weather sites.

These are all under my komokaweather.com hosting but in talking to GoDaddy hosting is not affected as unsecured, just the domains.  I presume that once I add a domain to the SSL certificate then the green padlock will appear on that domain's pages.

Quote
Step 3; you check every part of all your sites it there is an error (in chrome inspect => console tab) and check if you can find https sources
I seldom use Chrome so not familiar with the various functions (not familiar with them in Firefox either :oops: ).  I presume you mean that when a site is open in Chrome then press [F12], then [Console]. and with that I get clean results in the 3 simple domains and komokaweather.com. 
In komokaweather.ca (Saratoga template) I get one 404 (not found) which is at weatheroffice.ec.ca and I presume that is out of my control.

Or is there another function way to check on the https sources?

Again thanks and appreciate the guidance.

Paul



Davis Vantage Pro 2 Plus 24-FARS Wireless
Envoy/USB DataLogger/Cumulus v.1.9.4   -   Vue Console/WiFiLogger
Komoka, ON  Canada
www.komokaweather.ca   www.komokaweather.com   www.komokaweather.com/weather28/   www.komokaweather.com/pws/index.php
Blitzortung Station #1076 www.lightningmaps.org/blitzortung7/america/index.php?bo_page=statistics&bo_show=network&lang=en&bo_station_id=969

Offline wvdkuil

  • Wim van der kuil
  • Forecaster
  • *****
  • Posts: 1282
    • My PWS at Leuven Belgium Europe
Re: SSL Certificate and secure site
« Reply #3 on: March 08, 2018, 02:01:43 PM »
Thanks Wim.
GoDaddy had called to warn me of the upcoming issues on unsecured sites.  I can get the Standard UCC SSL for up to 5 domain sites.   

I understand that I can add my sites one at a time as SSL secured so maybe the best way is to buy and start with adding one domain at a time.  I have 3 domains for not-for-profit organizations that have very simple websites so not too difficult to experiment with these first before I go to the weather sites.

These are all under my komokaweather.com hosting but in talking to GoDaddy hosting is not affected as unsecured, just the domains.  I presume that once I add a domain to the SSL certificate then the green padlock will appear on that domain's pages.

Quote
Step 3; you check every part of all your sites it there is an error (in chrome inspect => console tab) and check if you can find https sources
I seldom use Chrome so not familiar with the various functions (not familiar with them in Firefox either :oops: ).  I presume you mean that when a site is open in Chrome then press [F12], then [Console]. and with that I get clean results in the 3 simple domains and komokaweather.com. 
In komokaweather.ca (Saratoga template) I get one 404 (not found) which is at weatheroffice.ec.ca and I presume that is out of my control.

Or is there another function way to check on the https sources?

Again thanks and appreciate the guidance.

Paul
When you run your current site now, you see the errors using http.
When you have a certificate you should add that site, but without forcing the use of HTTPS, so without htaccess redirect.
You then can test the site by accessing it yourself with https:// and  see if there are errors.
Example http://www.komokaweather.com/ at that site there are 90 http:// links, most of them probably links to other websites which will open in a new tab.  Those external websites do their own redirecting, nothing to bother with now.

But some of them must be changed not to loose functionality on your own pages, examples: http://c.statcounter.com   http://s48.sitemeter.com http://localtimes.info/  http://www.komokaweather.com/weather/wu/image_wu.jpg http://weather.gc.ca/data/warningmap/son_e.png

So that will take some time,  and checking if these images and javascripts are available under https.

Succes, Wim
Development and maintenance of Leuven-Template&Scripts  at: https://support.leuven-template.eu/
My PWS at home https://weer.sluispark.be/
And at my daughters house https://www.weerstation-herent.be/

Offline PaulMy

  • Forecaster
  • *****
  • Posts: 4133
    • KomokaWeather
Re: SSL Certificate and secure site
« Reply #4 on: March 08, 2018, 02:28:09 PM »
OK, thanks Wim I think I understand better now.

Regasrds,
Paul
Davis Vantage Pro 2 Plus 24-FARS Wireless
Envoy/USB DataLogger/Cumulus v.1.9.4   -   Vue Console/WiFiLogger
Komoka, ON  Canada
www.komokaweather.ca   www.komokaweather.com   www.komokaweather.com/weather28/   www.komokaweather.com/pws/index.php
Blitzortung Station #1076 www.lightningmaps.org/blitzortung7/america/index.php?bo_page=statistics&bo_show=network&lang=en&bo_station_id=969

Offline Aardvark

  • Forecaster
  • *****
  • Posts: 2039
  • www.desmoinesweather.org
    • Des Moines Iowa Weather and Climate
Re: SSL Certificate and secure site
« Reply #5 on: July 09, 2018, 06:33:16 PM »
Hostmonster sent me a reminder,  I am now secure, not that i wasn't .  I found that it takes some time for the web host to convert the ssl and all that .  Then if your padlock by the url isn't green, you have to go into your scripts to find what is wrong.  Hostmonster.com   sent me to this site and I was able to find out what:   https://www.whynopadlock.com/
just something to consider.
« Last Edit: July 21, 2018, 12:07:43 AM by Aardvark »
Davis VP2 Plus; 24h  FARS;  Soil Moisture/Temp Station;Weatherlink ;
https://www.desmoinesweather.org

Offline galfert

  • Forecaster
  • *****
  • Posts: 839
Re: SSL Certificate and secure site
« Reply #6 on: July 20, 2018, 10:43:11 PM »
Just wanted to mention that there is another option to buying an SSL certificate. You can get free  SSL certificates from https://letsencrypt.org

I haven't done this yet as I don't have a personal site. But I manage my company's web stuff and we just buy everything from GoDaddy. But I've been meaning to check out Let's Encrypt.
« Last Edit: July 21, 2018, 07:34:41 AM by galfert »
WS-2902A | ObserverIP | WeatherBridge (Meteobridge)
WU: KFLWINTE111  |  PWSweather: KFLWINTE111
CWOP: FW3708  |  AWEKAS: 14814
Tele-Pole flag pole is here (not installed yet)

Offline saratogaWX

  • Administrator
  • Forecaster
  • *****
  • Posts: 6817
  • Saratoga, CA, USA Weather - free PHP scripts
    • Saratoga-Weather.org
Re: SSL Certificate and secure site
« Reply #7 on: July 20, 2018, 11:27:22 PM »
I use LetsEncrypt certs on all the sites on my VPS (the Plesk panel has great integration for that).  For the WXforum.net shared server, I have a DigiCert from 1and1 (and did a second for northamericanweather.net which shares the server).  1and1 shared servers do not allow for LetsEncrypt certs (grumble).

On a GoDaddy shared site with cPanel, it's possible (and quite complicated) to have https://www.sslforfree.com/ use letsencrypt generate a set of certs for your site and you install them using the GoDaddy cPanel -- a pain, but doable.

On Dreamhost, I have LetsEncrypt certs on sites there -- easy integration with their admin panel.

Other hosters may just want you to buy a cert through them and not allow independently generated certs.
Ken True/Saratoga, CA, USA main site: saratoga-weather.org
Davis VP1+ FARS, Boltek-PCI/NexStorm, microSferics ToA, Blitzortung RED, GRLevel3, WD, WL, VWS, Cumulus, Meteobridge/hub
Free weather PHP scripts/website templates - update notifications on Twitter saratogaWXPHP

Offline Stryder87

  • Member
  • *
  • Posts: 38
    • Moody Weather
Re: SSL Certificate and secure site
« Reply #8 on: September 05, 2018, 02:19:21 PM »
I got a non-secure error on my site this morning, but after an hour it was back up and running.  However, it may be a good idea for me to go to SSL on my site.

A couple questions though, and I'm hoping Ken can answer one of them:
1- How long is the cert from SSLforFree good for?  I can't find the info on the page.
2- Where do you put the forced redirect information?  It says on your page, but do they mean the index.php file?  I don't see anything there that indicates where it would go.  I also saw mention of putting it in the .htaccess file, but I don't have that file on my server (GoDaddy).  I have it showing hidden files and I see a few .<folders> and .<files>, but not the .htaccess file.  Do I need to create one?

Offline Aardvark

  • Forecaster
  • *****
  • Posts: 2039
  • www.desmoinesweather.org
    • Des Moines Iowa Weather and Climate
Re: SSL Certificate and secure site
« Reply #9 on: September 05, 2018, 04:09:27 PM »
I think the certificate is good for one year.  I have Hostmonster.  they sold me the certificate and then converted my URL to the https format.  I paid for it. But there are a lot of good companies.  I went with Hostmonster and enjoyed their service well.  help is 24/7  so for me it is a good deal.

Good luck.

To test your site after you have the certificate in place,  May I suggest :   https://www.whynopadlock.com

Sometimes in your site if you have reference to non secure urls,  you won't get the green padlock.  This site will tell you what isn't working and then you have to ferret out what is wrong and fix it, retest and then you are better.
Davis VP2 Plus; 24h  FARS;  Soil Moisture/Temp Station;Weatherlink ;
https://www.desmoinesweather.org

Offline Stryder87

  • Member
  • *
  • Posts: 38
    • Moody Weather
Re: SSL Certificate and secure site
« Reply #10 on: September 07, 2018, 11:10:20 AM »
I think the certificate is good for one year.  I have Hostmonster.  they sold me the certificate and then converted my URL to the https format.  I paid for it. But there are a lot of good companies.  I went with Hostmonster and enjoyed their service well.  help is 24/7  so for me it is a good deal.

Good luck.

To test your site after you have the certificate in place,  May I suggest :   https://www.whynopadlock.com

Sometimes in your site if you have reference to non secure urls,  you won't get the green padlock.  This site will tell you what isn't working and then you have to ferret out what is wrong and fix it, retest and then you are better.

I got a cert for my site from the one Ken mentioned (SSLforFree).  I'm a little confused by it as there's a certificate.crt file, but then there's a ca_bundle.crt file as well.  I uploaded both of them.  The certificate.crt file is only good for 3 months, but the ca_bundle.crt is good for over a year.  I'm not sure which one will be used.

My biggest hurdle is figuring out how to get my site converted over.  There's no .htaccess file, so I have no idea where to put the lines redirecting the site to the secure one.

Offline Jasiu

  • Forecaster
  • *****
  • Posts: 319
    • LexMAWeather
Re: SSL Certificate and secure site
« Reply #11 on: September 07, 2018, 11:51:41 AM »
Who is your provided and is the site running on Linux?

If so, you should be able to add the .htaccess file to your site root (where the index.php is). There are variations, but here is what I have (I believe this is what 1and1 recommended):

Code: [Select]
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Offline Stryder87

  • Member
  • *
  • Posts: 38
    • Moody Weather
Re: SSL Certificate and secure site
« Reply #12 on: September 07, 2018, 03:57:32 PM »
Who is your provided and is the site running on Linux?

If so, you should be able to add the .htaccess file to your site root (where the index.php is). There are variations, but here is what I have (I believe this is what 1and1 recommended):

Code: [Select]
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

I'm hosted with GoDaddy, and I'm pretty sure it's on Linux (I choose them because it was one of the few I could find I knew of and allowed Cron jobs).

Why No padlock gives me a green on everything, with the only issue being that my site isn't forcing to https.  It's using a self-signed cert.  I created a .htaccess file (no extension) and put in the recommended lines that NoPadlock suggested for my site.  I guess all I need to do is upload it and see what happens.  If it goes BOOM I can just take the file out I guess.

Edit: I'm wondering if I need to delete the self signed cert in GoDaddy as well so the only ones there are the two from SSLforFree?

Offline yamiacaveman

  • Senior Contributor
  • ****
  • Posts: 286
    • Penn Lake Weather
Re: SSL Certificate and secure site
« Reply #13 on: September 13, 2018, 02:46:46 PM »
Hi,

Fortunately my provider include SSL cert for free, lol, I'ms sure I'm paying for it somewhere, but it works.

I also used  NoPadlock. What I did was took the info from NoPadlock, went into each part of those scripts and just changed the http to https.  At first I was pretty careful, but with so many files to check, I eventually searched each on for a http, and when It came up added an s and check my web page to see if everything was working and moved on. I think I got lucky, but it is done.

www.pennlake.us