https does not work for my domain

Question:

I tried to go to https://my-domain.com/ (notice the ‘s’ in https) to view a secure, SSL-encrypted version of my page. My page did not come up. How do I enable SSL?

Answer:

SSL requires a dedicated IP. By default https will go to the generic server page (the control panel).

A dedicated IP is $2 per month and would allow https to work on one domain. Each domain needs its own IP (this is how SSL works and is not a rule of ours).

SSL also requires an SSL certificate. We can create an un-signed cert for you for free. An un-signed cert will encrypt your pages but show a warning in most browsers the first time you load the page because the cert is unsigned.

For a yearly fee we can provide you with an official signed cert which does not show any warning message. Contact support to buy a certificate.

You may have used this:

https://your-server-here.phpwebhosting.com/~your-user-name-here/

in the past for SSL. This still works but is not guaranteed to always work in the future. There are several issues with providing ~username dirs that have caused some discussion about discontinuing them in the future.

Does my account support wildcard SSL certs / certificates?

Question:

Does my account support wildcard SSL certs / certificates?

Answer:

Wildcard certs work fine. Keep in mind however that wildcard certs only work for 1st level subdomains like:

*.my_domain.com

not

*.subdomain.my_domain.com

Not important for most uses but something to note. Contact support to order your certificate or to have your existing certificate installed.

Will my secure certificate work on my wildcard domains?

Question:

I have multiple subdomains that I use on my site (sub1.my-domain.com, sub2.my-domain.com, sub3.my-domain.com, etc.). If I buy an SSL certificate will it work for all my subdomains?

Answer:

A regular certificate work for all domains, however it will give a warning on anything other than the domain it is issued to. The site will still be encrypted but the user’s web browser will get a warning about the name mismatch.

You can buy wildcard certs but they are pretty expensive.

If you just want encryption, a regular single-domain cert will work fine for all your subdomains. But if you need it to look correct on all domains (ie. no site-name mismatch warning from the browser) you’ll need either a wildcard cert or multiple single domain certs.

How can we make our site secure?

Using SSL involves purchasing an SSL Certificate and installing it to your account.

A certificate is $59 per year and will match both www.yourdomain.com and yourdomain.com – many SSL providers only allow one name. Ours will cover both.

There is also a $2 monthly charge for a dedicated IP address. A dedicated IP is required for SSL to work (with any hosting company). Most Search Engine Optimization (SEO) experts also believe that a dedicated IP can improve your search engine rankings.

The first step in getting an SSL certificate is answering the following questions (required to create the cert) :

Country Name (two letter code – example: US)
State or Province Name (full name)
Locality Name (eg – city)
Organization Name (eg – company name)
Organizational Unit Name (eg – section or department – this is optional)
Secure URL (eg – secure.yourdomain.com, www.yourdomain.com, etc.)
Email Address
An optional company name (this is optional)

Note: The secure URL is the URL that the cert will work for. If you use www.yourdomain.com, we will add yourdomain.com for free.

Enter this information into a support ticket along with a statement such as “I approve the $59 yearly cert fee and $2 monthly dedicated IP fee” and we can have your cert ready in a few hours in most cases.

My SSL-encrypted website gives a warning stating that “there are both secure and non secure items”, how can I fix this?

Question:

I recently had you install a SSL certificate to my site. Now when I go to https://www.my_site.com/ I get a message stating there are both secure and non secure items and do I want to continue. If I click “yes” I lose the “lock” symbol. When I click “no” the lock remains. How do we get this message removed? Please advise.

Answer:

Check all your links on the page. What this means is that you have some links (probably to images) that link to your non-ssl page.

Usually you’ll find that you’ve linked to an image or page as :

http://your_site.com/directory/image.jpg

etc.

when all you really need is :

/directory/image.jpg

It is not illegal to specify the full URL, but when using SSL the browser will give that warning if you links/images/etc. that are linked in to your full site URL. As a side note, it is always better to link to items on your site as a reference to the root / directory and not the full URL. It makes the connection a bit quicker and it also makes it much easier if you ever need to move your site to a test domain for testing, etc (you won’t need to rewrite all the links!).

Another possible cause of the problem :

If you pull in images from a partner site, hit counter, etc. that is on a non-SSL site you will get this warning message too.

Basically, when a page is referred to via SSL the browser will demand that all the items inside the page are also SSL.

I am purchasing a secure certificate and need a CSR. Can you generate a CSR for me?

Sure! All you need to do is send us the answers to the following questions:

Country Name (two letter code – example: US)
State or Province Name (full name)
Locality Name (eg – city)
Organization Name (eg – company name)
Organizational Unit Name (eg – section or department – this is optional)
Secure URL (eg – secure.yourdomain.com, www.yourdomain.com, etc.)
Email Address
An optional company name (this is optional)

Note: The secure URL is the ONLY URL that will not generate a warning error when referenced with your certificate. For example, if you enter www.yourdomain.com then only URL’s referenced as www.yourdomain.com will work without displaying a warning message. Other URL’s will still be secure, but will generate a warning that the name on the certificate does not exactly match the URL

Once you have completed and returned the answers to us, we will generate the CSR and put it in your base FTP folder for you to forward to your certificate issuer.

Please put “CSR request” in the subject line of your help desk request.