Domains being forwarded


#1

I have a rather complex forwarding setup and would like some help in deciding whether it will work with https and if yes, for which domain to get the certificate.

To keep the details simple, I will use dummy domain names.

I have a public facing domain: publicdomain.com

I have several domains used in QR codes (qrdomain1.com etc).

Each qrdomainx.com is forwarded (unmasked) to publicdomain.com

publicdomain.com is forwarded (masked) to hostingdomain.com and it is this hostingdomain.com that the website is actually built on.

I would like the publicdomain.com to be the secured domain as that is what the public sees, irrespective of the route they followed to get there and the domain used to host the site.

Is this possible to achieve?


#2

That’s totally possible.

However, if you are using redirects, remember that you need to use certbot on (hostingdomain.com) and forwarded correctly.

P.S. You can also enable ssl on all qrdomainx.com too. Just the same method.

Little advice, use the staging server first for testing, and when all certs are correctly issued on staging, switch to production. (since testing certificate might have errors and staging helps you avoid rate limit)

Thank you


#3

Thank you for the very fast response.

I’m please to hear that it is possible.

I’m totally new to this certificate business so I know I need to get started on the documentation - which I have found at eff.org

Could you provide a brief overview of the steps I need to follow to achieve the end result - which is simply to have publicdomain.com running as https.

Why should I enable ssl on all qrdomainx.com too? Those domains are invisible to the user. We use them just to save space on the QR url (several domains of the form abc.uk).

By the way, the site is hosted on a shared server with Hurricane Electric - they sent me here.


#4

Okay,

First, go to the hostingdomain, then make sure the url redirect is working. Use any tool to obtain certificate (publicdomain.com cmmon name, on hostingdomain ) then deploy your certificate.

You can use web tools like sslforfree.com or something if you don’t have ssh access.

Thank you


#5

I’m a bit confused now.

Why sslforfree.com? I though letsencrypt.org issued free certificates?


PS: I was expecting notification emails every time you posted but none have been received.

Just by chance I noticed the browser asking for permission to display something. I normally refuse but this time clicked accept. Do I need to do something special to receive emails?


#6

Lets Encrypt offers the service but you need a client software to actually retrieve your certificates.

Start here: https://letsencrypt.org/getting-started/


#7

Thank you. I will follow the getting-started notes and the comments above and come back here if I get stuck.


#8

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.