Azure certificate installed successfully but site still not secure

#1

Hi,

Yesterday I were try install certificate on my site(troskliwymis.pl, www.troskliwymis.pl). I did that on azure by extension.

I go through that tutorial: https://github.com/sjkp/letsencrypt-siteextension/wiki/How-to-install
and everything was fine, at the end I was able to see that certificate was installed fine.

I can see that certificate was bing to custom domain www and non-www, I can also see that folder:

But when trying to enter to site by https, there is information that is not secured.

I check my site on: https://check-your-website.server-daten.de/?q=troskliwymis.pl
and I can see that certificate is there.

I have hosting in other place than azure and created there A, TXT, CNAME records for azure app for my custom domain. Do I need to create others DNS record on my domain hosting ?

I will appreciate any help.

#2

Hi @Svmurvj

yep, you have a correct certificate:

CN=troskliwymis.pl
	05.03.2019
	03.06.2019
expires in 89 days	troskliwymis.pl, www.troskliwymis.pl - 2 entries

But you have redirects from https to http:

Domainname Http-Status redirect Sec. G
http://www.troskliwymis.pl/
52.232.33.202 301 http://troskliwymis.pl/ 0.057 D
http://troskliwymis.pl/
52.232.33.202 200 0.320 H
https://troskliwymis.pl/
52.232.33.202 301 http://troskliwymis.pl/ 1.350 F
https://www.troskliwymis.pl/
52.232.33.202 301 http://troskliwymis.pl/ 1.280 F

Both https versions redirect back to http -> Grade F.

So two steps:

  • Find the wrong redirect in your SSL vHost. Or is it own software with a .htaccess? Old software, installed without a certificate?
  • Then add the correct redirects http -> https. But this is step two, if you do that first, you have a loop.
#3

Thanks for answer, actually it is hosted on IIS and in web.config I have:

<rewrite>
  <rules>
    <rule name="Redirect to non-www" stopProcessing="true">
      <match url="(.*)" negate="false"></match>
      <action type="Redirect" url="http://troskliwymis.pl/{R:1}"></action>
      <conditions>
        <add input="{HTTP_HOST}" pattern="^troskliwymis\.pl$" negate="true"></add>
      </conditions>
    </rule>
  </rules>
</rewrite>

I do that because I just want to have only non-www. On azure there is a possibility to redirect all traffic from http -> https When I enabled that - then revived error: To many redirection. I tried do that without that code but is the same.

I need to figure out how to set it correctly.

#4

That redirects the complete traffic.

First, add a rule (as first rule)

                <rule name="HttpToHttps" patternSyntax="Wildcard" stopProcessing="true">
                    <match url="*" />
                    <conditions logicalGrouping="MatchAll" trackAllCaptures="false">
                        <add input="{HTTPS}" pattern="off" />
                    </conditions>
                    <action type="Redirect" url="https://{SERVER_NAME}{REQUEST_URI}" />
                </rule>

That redirects all https = off (= http) to https.

Second, change your existing rule to “https” als url destination. Then recheck your domain.

Or: First step - remove your own rule (add comments <!-- and -->), then add the new rule -> recheck, then remove the comments and change your existing rule -> recheck.

3 Likes
#5

I really thanks for help. I will be able to check that at night and then let you know.

2 Likes
#6

@JuergenAuer I removed my rule and add your. Everything works fine. Thank you very much for help.I owe you :beers: and more :slight_smile:

#7

I add those two rule to make it redirect to non-www https:

<rewrite>
  <rules>
    <rule name="HttpToHttps" patternSyntax="Wildcard" stopProcessing="true">
        <match url="*" />
        <conditions logicalGrouping="MatchAll" trackAllCaptures="false">
            <add input="{HTTPS}" pattern="off" />
        </conditions>
        <action type="Redirect" url="https://{SERVER_NAME}{REQUEST_URI}" />
    </rule>
    <rule name="Redirect to non-www" stopProcessing="true">
      <match url="(.*)" negate="false"></match>
      <action type="Redirect" url="https://troskliwymis.pl/{R:1}"></action>
      <conditions>
        <add input="{HTTP_HOST}" pattern="^troskliwymis\.pl$" negate="true"></add>
      </conditions>
    </rule>
  </rules>
</rewrite>
1 Like
closed #8

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.