I never consciously decided to try to use my "synology" certificate for my other domains. I really don't know how that happened.
I will have do it all again, and this time amend the .htaccess file as well
Install a free SSL certificate
-
- Posts: 82
- Joined: Sun Apr 08, 2018 6:52 pm
Re: Install a free SSL certificate
And this time it worked like a charm
So, in summary:
1. Get a Let's Encrypt certificate for the domain
2. Configure the certificates to use the correct cert for the domain
3. Update Web Station Virtual host to enable https settings
4. Update WordPress > Settings > General to use https://
5. Edit .htaccess to add rewrite conditions
6. Change any internal links on the site that point to http:// pages
Is that correct?
So, in summary:
1. Get a Let's Encrypt certificate for the domain
2. Configure the certificates to use the correct cert for the domain
3. Update Web Station Virtual host to enable https settings
4. Update WordPress > Settings > General to use https://
5. Edit .htaccess to add rewrite conditions
6. Change any internal links on the site that point to http:// pages
Is that correct?
-
- Posts: 82
- Joined: Sun Apr 08, 2018 6:52 pm
Re: Install a free SSL certificate
How do I create a Let's Encrypt certificate for a domain and subdomains? Are subdomains included automatically or do i have to list them as alternative names?
Last edited by Paul Barrett on Thu Mar 14, 2019 10:28 am, edited 1 time in total.
-
- Posts: 133
- Joined: Sun Oct 01, 2017 3:08 pm
Re: Install a free SSL certificate
Yes your summary is correct. Keep in mind if you create a new website you won’t need to modify .htaccess because the virtual host settings can connect using HTTPS if selected.
It is best to check with the CA vendor when using subdomains as their services vary. For example Let’s Encrypt supports sub domains but some vendors do not.
The Synology knowledge base has good info on creating a CSR for domains and subdomains using DSM.
Regarding adding the HTTPS htaccess entry, this is useful for visitors that may have book marked your site. Browsers store the URL info and switching from http to https or https to http can cause issues. The 301 in the command line let’s browsers know the change you’re making is permanent.
It is best to check with the CA vendor when using subdomains as their services vary. For example Let’s Encrypt supports sub domains but some vendors do not.
The Synology knowledge base has good info on creating a CSR for domains and subdomains using DSM.
Regarding adding the HTTPS htaccess entry, this is useful for visitors that may have book marked your site. Browsers store the URL info and switching from http to https or https to http can cause issues. The 301 in the command line let’s browsers know the change you’re making is permanent.
-
- Posts: 82
- Joined: Sun Apr 08, 2018 6:52 pm
Re: Install a free SSL certificate
Thanks Steve.
I tried adding my subdomains as SANs on a Let's Encrypt certificate, and it was having none of it. As soon as I removed the SANs the request was granted. Go figure.
It won't accept a separate request for a certificate for a subdomain. Ah well. The subdomains are not that important.
I tried adding my subdomains as SANs on a Let's Encrypt certificate, and it was having none of it. As soon as I removed the SANs the request was granted. Go figure.
It won't accept a separate request for a certificate for a subdomain. Ah well. The subdomains are not that important.
-
- Posts: 133
- Joined: Sun Oct 01, 2017 3:08 pm
Re: Install a free SSL certificate
I've never tried adding subdomains to my SSL and I believe most SSL CA vendors charge for that feature.
Free SSL certificates only last 60 to 90 days and since I travel a lot that does not work very well for me. If you forget to renew a certificate, and it expires, users cannot connect to your website.
Free SSL certificates only last 60 to 90 days and since I travel a lot that does not work very well for me. If you forget to renew a certificate, and it expires, users cannot connect to your website.
-
- Posts: 82
- Joined: Sun Apr 08, 2018 6:52 pm
Re: Install a free SSL certificate
Let's Encrypt certificates auto renew though
-
- Posts: 133
- Joined: Sun Oct 01, 2017 3:08 pm
Re: Install a free SSL certificate
Free certificates auto-renew?