Confusion Around HTTP and HTTPS Protocols and How it Relates to LetsEncrypt


#1

why is it so? https://www.XXXX.com notdisplay ssl but https://XXXX.com and sub-domain is perfect…

this CRT
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISA/SeFqdCQaS+sO+pc55iNp1wMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzA1MDMwOTI5MDBaFw0x
NzA4MDEwOTI5MDBaMBkxFzAVBgNVBAMTDnd3dy5saW9ydW4uY29tMIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEr52GknVJFossdE6uizu/Ax7Z8CSLaq
YNgvhLj0rGhkulYbzeLCeZpYYqjwZBLEvHuzLsbUBltn3uhmpZ/hQDpXkBKuvy19
3JguUf3w+5Y/kBzk7JK5h2zOHjgJb+tMJ1QBHhgLBVnVcwmKG/+hFcEScQVgdm10
VR5H6E2GmijNjm+iBR8+L/HzeSQ40J9ScktVkfcolwIwrf3HdttPraXl9mNDLv7A
sZ69A0iiqdgSLIb9YuRVjljLCzHF9eKej4+eDqlQeP4eWaCNNRREA6g5ZqYzX3k9
cfzyRTm2YPB2/I/MceT2uk3ZX4Aq8T6AQJO3b7nPcbYkYKFvpFJNVQIDAQABo4IC
YTCCAl0wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF
BQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRDqSBeXuckqsUampbBsehYlycV
MDAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBwBggrBgEFBQcBAQRk
MGIwLwYIKwYBBQUHMAGGI2h0dHA6Ly9vY3NwLmludC14My5sZXRzZW5jcnlwdC5v
cmcvMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMubGV0c2VuY3J5cHQu
b3JnLzBrBgNVHREEZDBigg5hcnQubGlvcnVuLmNvbYIQYXNzZXQubGlvcnVuLmNv
bYISZGV2ZWxvcC5saW9ydW4uY29tgg5lZHUubGlvcnVuLmNvbYIKbGlvcnVuLmNv
bYIOd3d3Lmxpb3J1bi5jb20wgf4GA1UdIASB9jCB8zAIBgZngQwBAgEwgeYGCysG
AQQBgt8TAQEBMIHWMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0
Lm9yZzCBqwYIKwYBBQUHAgIwgZ4MgZtUaGlzIENlcnRpZmljYXRlIG1heSBvbmx5
IGJlIHJlbGllZCB1cG9uIGJ5IFJlbHlpbmcgUGFydGllcyBhbmQgb25seSBpbiBh
Y2NvcmRhbmNlIHdpdGggdGhlIENlcnRpZmljYXRlIFBvbGljeSBmb3VuZCBhdCBo
dHRwczovL2xldHNlbmNyeXB0Lm9yZy9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsF
AAOCAQEAmQThxXQJHnvWQSxhVHfnsg/E5Jv4Jy19wWzRi28y2hsBkMlZJ+2HEg0K
UMlg0FFOE2KnDuN+h+c+iQOQQ1wJh4xDVcBtKl0UH3h0wyGhaAjaK8zVX7/U4i4p
dIMtDdQ3mexUM8K3bKKi3WrNteVs6VvEDTbSSnvx/N+91pXqgpc3jPDAXysdwsfp
C3I3yR+DpkwCXb+uA5zq+jIL4sLyGnFkLh5ukPe5NRp6Q2IKxMQ3Plx7F2tSlY/8
ygJXufjtf7iS0C0zYLOD8l14sngWuKL14MlhYd+uA1knQN6MjKr/ic4P72DeilXG
UsMIuaHYsNMR0cI/9jPs4Fwgzt+fbg==
-----END CERTIFICATE-----


#2

Hello @496988685,

I see no problem with the https version of your www subdomain.

Cheers,
sahsanu


#3

hi @496988685

A) Please paste proper links (stop taking screenshots of text based things or pasting xxx links that go nowhere as it makes it longer for people to check and help you or may frustrate them)
B) Review HTTP vs HTTPs protocols. Your first page is requested via HTTP (this is a fundamental that you should understand before panicking and posting on forums)
C) as @sahsanu - SSL for use with the HTTPS protocol is confiugred well for your domain.
D) You can review this on this site https://www.ssllabs.com/ssltest/analyze.html?d=liorun.com&latest
E) I would also suggest some reading on TLS in general - apologies I don’t have any good links

Andrei


#4

Hi @496988685,

I’m glad your certificates are working properly by now!

When you have a site available via HTTPS, it can also remain available by HTTP at the same time. This depends on how the web server is configured.

Right now, you have both http://www.liorun.com/ and https://www.liorun.com/ and both of them work (the first is an insecure connection, and the second is an insecure connection). This is a very common situation.

In most web browsers, if you just type in “www.liorun.com” without a protocol scheme (http:// or https://), the default protocol scheme is http:// and so the web browser will take you to the insecure version.

It is possible to configure the web server to send a 301 redirect which redirects people from one to the other. This is commonly done by people when they activate HTTPS on their web sites.

There is also a technology called HSTS where you can ask browsers to default to the HTTPS version instead of the HTTP version. If you’re very sure that your site will always be available in HTTPS and should be HTTPS-only, you can also use HSTS to tell browsers to remember this.


#5

:百胜: .
thank you.this issue is because of apply “liorun.com” without “www.liorun.com”,i have reapplyed once.


#6

okey,you are right,It is improtant that study protocols,i must starting now .


#7

thank you :grin:
It is exciting…Website add https protocols is an irresistable trend . importantly, letsencrypt org help us achieve our rights…Please accept my praise:+1:


#8

Thanks, I’m glad you like what we do!


#9

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.