How to install a new certificate


#1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:- ?

It produced this output: ?

My web server is (include version): ?

The operating system my web server runs on is (include version): ?

My hosting provider, if applicable, is: certified hosting

I can login to a root shell on my machine (yes or no, or I don’t know): ?

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): yes

im new to learning how build websites. i followed the steps in my cpanel to receive and install a certificate.
It shows it’s enabled and active
but when i type in my url it shows not secure
my hosting provider help said i have to specifically type in () and it will show up.
I type that in and for a split second it shows secure with the lock but reverts back to showing not secure , yet it has https in front.

is there a step by step vid or page of steps i can read or watch to make sure i’ve done everything right.
Also when i got the certificate it says it only good till Nov. Is there a way to get a permanent certificate or do i have to update these all the time.

Thank you

Appreciate any help


#2

You have mixed content; check out whynopadlock.com for details.

There’s no such thing as a permanent certificate. Let’s Encrypt certs are valid for 90 days (and should be configured with automated renewal); certs from other providers can be valid for as long as two years.


#3

ok , i’ll follow that link to whynopadlock and see if i can figure it out.


#4

ok i did the whynopadlock test

Force https - our webserver is not forcing the use of SSL.
You may want to add a redirect to ensure a secure connection is used. More Info

When i read the more info it talks about adding code to my apache server- I have no idea how to do that - i pay a hosting provider. its says…
More info - Add the following code to the .htaccess file in your webhosting account:

RewriteCond %{HTTP_HOST} myurldomain.com [NC]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ myurldomain.com/$1 [R,L]
Once this change is made your site will no longer be accessible on the insecure “http:/myurldomain.com” URLs and all visitors will be redirected to “https://myurldomain.com” instead.

i also got a mark for -

Protocols - You currently have TLSv1 enabled.
This version of TLS is being phased out. This warning won’t break your padlock, however if you run an eCommerce site, PCI requirements state that TLSv1 must be disabled by June 30, 2018.

but i dont have an ecommerce site, so should be good

and last it had …
Under mixed content
Soft Failure - An image with an insecure url of “http://-.jpg” was loaded on line: 422 of https://www

i have no idea how to locate “line 422”, i know where that picture is. i assume i just have to change the name of it or something.

But i definitely don’t know coding. And im not all that sure about this “redirects” thing. Like am i supposed to redirect https:// to all the various forms of the url , like…
http://funny…com
http://www.funny…com
https://www.funny…com


#5

Sounds like you need to have a talk with your hosting provider.


#6

ok i’ll bother them again, they so vauge


#9

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.