SSL Certificate subdomain issue

Home Forums BulletProof Security Pro SSL Certificate subdomain issue

This topic contains 7 replies, has 2 voices, and was last updated by  Ljubomir Manojlovic 2 months, 1 week ago.

Viewing 8 posts - 1 through 8 (of 8 total)
  • Author
    Posts
  • #37837

    Ljubomir Manojlovic
    Participant

    P.S. – I created my installations on localhost (but using real (sub)domains). For installation I used Alpha wildcard SSL.

    ISSUES

    I’m using Really Simple SSL and I added it’s code to BPS custom codes (as you provided me infos). Code is

    # BEGIN rlrssslReallySimpleSSL rsssl_version[3.2.5]
    <IfModule mod_rewrite.c>
    RewriteEngine on
    RewriteCond %{HTTPS} !=on [NC]
    RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
    </IfModule>
    # END rlrssslReallySimpleSSL

    However, issue is with subdomains (main domain works fine in www and non-www mode). Subdomains with (ie) blog.mydomain.com works fine, but https://www.blog.mydomain.com drop me in WARNING page of certificate issue. As certificate is ok by itself, obviously problems could be:

    a) BPS not apply Really Simple SSL code, or (most likely)

    b) Really Simple SSL code is not good

    Any idea

    #37840

    AITpro Admin
    Keymaster
    #37841

    Ljubomir Manojlovic
    Participant

    I’m not sure on what part of link you think.

    1) I set in DNS all with A record (needed by Bitnami, but should not to be different than CNAME), both – blog and http://www.blog (BTW, it open link, but with warning). So, that cannot be issue.

    When I try same on https://support.apple.com and also https://www.support.apple.com, it always redirect (open) to https://support.apple.com, as it should to be (and how I wanted). So, from my point of view, I have wrong or not applied redirection rules, but …

    Please be clear what you thought with link.

    #37842

    AITpro Admin
    Keymaster

    Well personally I would never use www for a subdomain site since that does not really make any sense to do.

    Example:  This forum site is a subdomain site:  forum.ait-pro.com.  Note: We would not use www in front of the subdomain name because that would not make any sense to do that.

    #37845

    Ljubomir Manojlovic
    Participant

    Great. I figured now that you don’t understand my issue.

    1) EXAMPLE ONE

    Try to type in browser (you cannot stop visitors to do it, right?) https://forum.ait-pro.com as well as https://www.forum.ait-pro.com and see what you get (in both situations – P.S. – use Incognito).

    2) EXAMPLE TWO

    Try to type in browser (you cannot stop visitors to do it, right?) https://support.apple.com as well as https://www.support.apple.com and see what you get (in both situations – P.S. – use Incognito).

    Your Forum drop out blank page (as you didn’t add support for www in DNS), what is same like my case (where I have SSL error, as I added DNS support), but substantially are same cases vs redirection.

    Apple instead works as should to be. In both typing in browser, it redirect on https://support.apple.com (as you wrote, www is not ‘normal’ or usual to type, but Apple knows how MANY PEOPLE DO IT), as it should to be (what I want).

    Hopefully, now you get me.

    #37846

    AITpro Admin
    Keymaster

    Why would we add support for a www subdomain when that is not a standard or conventional thing to do.  If someone accidentally types in www for this forum site then they have made a mistake since we would never use the www subdomain for a subdomain site.  If other people are doing that then I would suggest that they are not doing something that is an Internet standard.  You are aware the www is a subdomain and if you also have another subdomain then technically you have a subdomain – subdomain site and not a subdomain site.

    Instead of creating some silly problematic solution like creating an additional subdomain for a subdomain website the smarter thing to do would be to redirect or rewrite the www subdomain.  Not sure if that is even possible to do, but it is a much more logical approach to someone mistakenly typing in the wrong URL for a website.

    #37849

    AITpro Admin
    Keymaster

    I just tested doing a redirect for the www subdomain URL for this site and of course it did not work because that is not the correct website.  www would be the subdomain and forum would be the primary domain, which of course is incorrect.  Probably the only option you would have would be to setup Forwarding in your host control panel for www to forward to the correct subdomain site.  that may not work either if a CNAME record is not setup for the www subdomain. Not really sure since I have never tried to do anything like that before.

    #37852

    Ljubomir Manojlovic
    Participant

    EXCELLENT

    Thanks for great idea to set it in DNS (need some time to pass). Yes, now it works equal as on my example with Apple Support. Everything is redirected fine and now did visitor type with or without www, it always open without version.

    I posted it here as I thought how code is not applied for redirection in BPS custom code section, but no, DNS solve issue.

    P.S. – I generally agree with you, but as I wrote, Apple KNOW how there is LOT OF PEOPLE who still don’t type it without www, so this is something what should be done in domain DNS to get it to work well (nobody want to get visitors on non existing page warning, right?).

    Thanks again.

Viewing 8 posts - 1 through 8 (of 8 total)

You must be logged in to reply to this topic.