Jump to content

Has anybody got SSL working correctly?


SkydiveUK24

Recommended Posts

I have an SSL cert installed for my domain including the www. so all SSL pages need to be https://www.mydomain.com/shop/authentication.php?back=my-account.php etc. I have enabled SSL in the admin, however all SSL pages are redirecting me to https:// mydomain.com/shop/authentication.php?back=my-account.php and missing out the www. which is a big problem as it then displays a security message stating that the certificate is not for this domain and was issued for another.

Is there any way around this guys?

Any help, advice, any info at all would be appreciated and I need to have SSL enabled.

Link to comment
Share on other sites

OK, after a scout around a few places I think I have solved this problem by adding a permanent rewrite rule to .htaccess enabling pages to be redirected to www. mydomain.com

RewriteCond %{HTTP_HOST} ^mydomain\.com\
RewriteRule ^(.*)$ http://www.mydomain.com/$1 [R=permanent,L]



Is that solution ok to use permanently?

Link to comment
Share on other sites

  • 1 month later...
  • 5 weeks later...

I have it working properly.

And what they're asking you is do you want it applied to

http://www.yourstore.com

or

http://yourstore.com


There's a difference. I would apply it to www.yourstore.com
and then use an .htaccess redirect to make sure that whenever someone types in "yourstore.com" it will automatically go to "www.yourstore.com"

Does that make sense? Lol

Link to comment
Share on other sites

When you buy a security certificate and add it to your domain it should work on both www.yoursite.com and yoursite.com as they are the same domain. Your certificate will cover both, I'm not sure why you would think it would only cover one end of your site. the WWW in the url doesn't change the location of the site it simply states that this site is on the World Wide Web and is not on an Intranet. For instance the security certificate I have for my clients site is registered to: www.medtress.com but will function the same if you were to visit medtress.com. As Merchant implied you may have a certificate that was not configured correctly ask your host to fix this for you. Out of the box PrestaShop's ability to discern between http and https is not that great and will result in you getting those security errors because you may have an linked item that carriers the http protocol and not the https protocol. I have developed a module based off of someones fix on this forum and it works beautifully to properly redirect to the correct protocol. I will post it as soon as I get time. If my information is wrong please correct me cause I can be really stupid at times lol

Link to comment
Share on other sites

When you buy a security certificate and add it to your domain it should work on both http://www.yoursite.com and yoursite.com as they are the same domain. Your certificate will cover both, I’m not sure why you would think it would only cover one end of your site.


Not true. I guess it depends on the cert you use. I've purchased more than a few certs that would only let you use it on one or the other. Then again most of the certs I've purchased have been really inexpensive... $10 - $20 per year.

I don't think it's that big a deal.. it's better for SEO purpose to settle on either "www.yourstore.com" or "yourstore.com" as multiple instances can hurt your ranking.
Link to comment
Share on other sites

When you buy a security certificate and add it to your domain it should work on both http://www.yoursite.com and yoursite.com as they are the same domain. Your certificate will cover both, I’m not sure why you would think it would only cover one end of your site.


Not true. I guess it depends on the cert you use. I've purchased more than a few certs that would only let you use it on one or the other. Then again most of the certs I've purchased have been really inexpensive... $10 - $20 per year.

I don't think it's that big a deal.. it's better for SEO purpose to settle on either "www.yourstore.com" or "yourstore.com" as multiple instances can hurt your ranking.


You should be able to add an alternate name to the certificate. Most commonly you would get the certificate registered to www.yourdomain.com, and would add the alternate domain yourdomain.com both of these URLs would be on the cirtificate. An example:

Subject = www.medtress.com
Subject Alternative Names = medtress.com
Issuer = UTN-USERFirst-Hardware
Serial Number = 273D59D59D9D8AD3A4264B569BE74C0F
Key size = 1024 bit
Signature algorithm = SHA1+RSA (good)

Notice the alternative name.
Link to comment
Share on other sites

Hopefully the answer your host gives can shed light one this lol personally I haven't dealt with a certificate that didn't allow for an alias name.

For clarification when you mentioned the price range in which you bought your certificates I assume you purchased a single-site certificate if so then you would be correct in saying that you would be unable to use the alias yourdomain.com. Alias names are only available on SAN certificates.

Link to comment
Share on other sites

My hosting company stated:

It's because of the distinction made by a webserver between the www. and the 'non-www' version. Let me explain:

The Internet has exactly one root, referred to as '.' (dot). You never see this because it is implied in most situations and thus omitted. It does however show up in things such as the configuration for BIND (DNS server software). Basically, there are master DNS servers for each TLD. TLD stands for Top Level Domain. A TLD is something like com, net, org, info, fm, biz, us, etc. http://www.com is a valid URL (try it!). To look up how what the IP of www.com, your computer first queries your local DNS server, which then would query your ISP's DNS server, which would eventually (if no records could be found) query a root server for the COM TLD. The reason this matters is that www.domain.com has a different DNS record than domain.com. www.domain.com is a member of the superset domain.com, however, the two are not mutually exclusive (www.domain.com is absolutely a subset of domain.com, however, domain.com could also have ftp., mail., etc.)

You can read a bit more about how DNS works here: http://cr.yp.to/djbdns/intro-dns.html

There are also Wildcard certificates which cover *.domain.com, but sadly, * cannot equal null (plain domain.com does not fall under *.domain.com).

There ARE companies that offer certs that work with both 'www' and 'non-www' domains, you can find them with a quick google search:

http://www.google.com/search?rlz=1C1GGLS_enUS310US310&sourceid=chrome&ie=UTF-8&q=SSL+cert+www+non+www

Let us know if that doesn't make sense.
Link to comment
Share on other sites

What they said makes perfect sense, when purchasing your certificate just make sure you purchase one that would allow for subject alternate names such as a SAN, EV, or WildCard. As for the DNS info they gave I guess you learn something new everyday ;) thanks for asking your host.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...