my domain name:extremesportsindia.com
My website is fully based on angularjs and i have a ssl of let’s encrypt but the problem is that when i am typing ‘https’ on url only then it is showing that my site is secure but when i am simply typing ‘http’ or site name then it is showing that my site is not secure by and large it is not redirecting on ‘https’ so please help me out what should i do now?
You should send a redirect from HTTP to HTTPS.
Since you seem to be using Express.js, perhaps you can use this middleware: https://stackoverflow.com/a/24015460
so how it will redirect from ‘http’ to ‘https’ .and yes i am using express.js so tell me the way and procedure too that how i can rectify it.
where should i use that https://stackoverflow.com/a/24015460 instruction.
means that should i use it within express.js file or where?
Hi @manisha97
your site uses the wrong certificate (checked with https://check-your-website.server-daten.de/?q=extremesportsindia.com ):
CN=extremesportsindia.com
10.01.2019
10.04.2019
expires in 22 days extremesportsindia.com - 1 entry
The certificate has only one domain name.
But you have both dns entries (non-www and www, that's good, don't remove that):
| Host | T | IP-Address | is auth. | ∑ Queries | ∑ Timeout |
|---|---|---|---|---|---|
| extremesportsindia.com | A | 142.44.163.35 | yes | 2 | 0 |
| AAAA | yes | ||||
| www.extremesportsindia.com | C | extremesportsindia.com | yes | 1 | 0 |
| A | 142.44.163.35 | yes |
Result: Your www version isn't secure:
| Domainname | Http-Status | redirect | Sec. | G |
|---|---|---|---|---|
| • http://extremesportsindia.com/ | ||||
| 142.44.163.35 | 200 | 0.213 | H | |
| • http://www.extremesportsindia.com/ | ||||
| 142.44.163.35 | 200 | 0.214 | H | |
| • https://extremesportsindia.com/ | ||||
| 142.44.163.35 | 200 | 1.250 | B | |
| • https://www.extremesportsindia.com/ | ||||
| 142.44.163.35 | 200 | 0.986 | N | |
| Certificate error: RemoteCertificateNameMismatch |
So before you add redirects:
Create a new certificate (same method as earlier), but add both domain names.
If you use Certbot, add
-d extremesportsindia.com -d www.extremesportsindia.com
to create the correct certificate.
My openssl has been expired and i want to reinstall it how i can reinstall my let’s encrypt open zerossl??
Create a new certificate with the same command.
If you use ZeroSSL, you have to do that manual. Every 60 - 85 days.
so should i remove all the old certificates to renewing it.
No.
Never remove old certificates if you don't know you need them again.
An expired certificate is better then no certificate.
Create a new and install it. Then the old certificate is replaced.
You have a redirect http -> https, but your app running https doesn’t support the validation file.
Your http instance shouldn’t redirect
/.well-known/acme-challenge
so what should i do now ??
You have added a redirect. So remove that redirect to create a new certificate. Then add it again.
okh thanks a lot. but i wanted to know if i want to renew it then what would be the command in centos??and is there any other way to do it without removing redirection??
Please read the basics.
Then select a client you run on your machine.
Then explain your setup, it's completely unclear.
Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:
I ran this command:
It produced this output:
My web server is (include version):
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know):
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
My domain is:extremesportsindia.com
I ran this command:creating certificate through zerossl.and when doing verification then
It produced this output:
My web server is (include version): Unknown
The operating system my web server runs on is (include version):centos 7.
My hosting provider, if applicable, is: Hosted by OVH
I can login to a root shell on my machine (yes or no, or I don’t know):yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):no i am using ssh access.
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):certbot-auto --version
[/quote]
If you have root access, why do you use zerossl? You have to do that every 60 - 85 days, that's terrible.
With shell access, you should always be able to use your own certbot or certbot-auto.
And what webserver runs on port 80? There is already an instance you can use.
Two reasons are most likely:
To understand which is it, put test.txt file with some text into the same directory where you put the verification files, see if you can access that. If you can, it’s likely the second reason, in which case create a file without extension in the name and try accessing that. If you cannot, then it’s likely the former.
In any case, the web server logs might actually help you to figure what’s happening.
Yes, you shouldn't need to use ZeroSSL at all in this case; you should be able to automate the process with Certbot!
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.
