Forum: Ruby on Rails why can access https://www.xxx.com. but access https://xxx.com have ssl error

7a566ae5d2b2d772103a20567fb4acc6?d=identicon&s=25 Grant (Guest)
on 2012-10-31 08:21
(Received via mailing list)
I have distribute a rails project.

The server is in linode (apache+passenger).


But i have strange question.

when i access my site use <https://www.xxx.com> . it can access
normally.

But if i access <https://xxx.com>. it will be show a ssl error in page
and
need you
confirm the ssl error and then can goto the actual site.

Who can tell me how can resolve it?
1a4ff0766a653c62e0dab34bacda9873?d=identicon&s=25 Norbert Melzer (Guest)
on 2012-10-31 08:33
(Received via mailing list)
Without to know the actual URL of the server it is not possible to check
that, also you are missing what kind of error you get, so I can only
guess
that your certificate is for www.example.com and doesn't include example
.
com without www.
Am 31.10.2012 08:20 schrieb "Grant" <kucss2010@gmail.com>:
A47e0a6beeb9d048ff054fc1c3a97418?d=identicon&s=25 Walter Davis (walterdavis)
on 2012-10-31 16:31
(Received via mailing list)
On Oct 31, 2012, at 3:20 AM, Grant wrote:

> confirm the ssl error and then can goto the actual site.
>
> Who can tell me how can resolve it?

Is your server configured to host in SSL mode? It's not just a matter of
changing the URL in the browser, you have to have configured the server
to listen on port 443, purchase and configure a security certificate in
Apache or Nginx, and you have to configure Rails to serve in secure
mode. For this last part, I really like the rack-ssl Gem.

Walter
1a4ff0766a653c62e0dab34bacda9873?d=identicon&s=25 Norbert Melzer (Guest)
on 2012-10-31 18:21
(Received via mailing list)
2012/10/31 Walter Lee Davis <waltd@wdstudio.com>:

> Is your server configured to host in SSL mode? It's not just a matter of
changing the URL in the browser, you have to have configured the server to 
listen
on port 443, purchase and configure a security certificate in Apache or Nginx, 
and
you have to configure Rails to serve in secure mode. For this last part, I 
really
like the rack-ssl Gem.

Since it already works for one https-URL and not for the other one, I
suggest that it is set up everythin to work with SSL, but the
certificate is on the wrong URL (www.example.com instead of
example.com + Subdomains)
280b78a61a968391b7e07e912be102a8?d=identicon&s=25 Robert Walker (robert4723)
on 2012-10-31 20:43
Norbert Melzer wrote in post #1082257:
> 2012/10/31 Walter Lee Davis <waltd@wdstudio.com>:
> Since it already works for one https-URL and not for the other one, I
> suggest that it is set up everythin to work with SSL, but the
> certificate is on the wrong URL (www.example.com instead of
> example.com + Subdomains)

DigiCert has a nice explanation of this issue here:

http://www.digicert.com/subject-alternative-name-c...
A850351f7de2ec20730e0271bc6ca651?d=identicon&s=25 mhatch73 (Guest)
on 2012-10-31 23:14
(Received via mailing list)
Norbet is correct. You need to purchase a wildcard certificate to cover
mutiple host names.  if you purchased the cert for www.example.com, it
is
only good for that name.  If you want to host mutiple names with the
same
certificate (provided they are in the same domain) you need to purchase
a
special certificate called a wild card certificate.  This would cover
xxx.example.com, yyy.exmple.com, example.com, etc.
280b78a61a968391b7e07e912be102a8?d=identicon&s=25 Robert Walker (robert4723)
on 2012-11-01 19:51
mhatch73 wrote in post #1082292:
> Norbet is correct. You need to purchase a wildcard certificate to cover
> mutiple host names.  if you purchased the cert for www.example.com, it
> is
> only good for that name.  If you want to host mutiple names with the
> same
> certificate (provided they are in the same domain) you need to purchase
> a
> special certificate called a wild card certificate.  This would cover
> xxx.example.com, yyy.exmple.com, example.com, etc.

As explained in the link I provided in an earlier reply, you don't
necessarily have to use a wildcard certificate. It is possible to
instead use the Subject Alternative Name (SAN) field in a regular
(non-wildcard) certificate.

Here's that link again:
http://www.digicert.com/subject-alternative-name-c...

The difference with using SAN is that you are specifying only the names
you want to be valid for the certificate (e.g. www.example.com and
example.com). This certificate would not match xxx.example.com or
yyy.example.com as a wildcard certificate would.

The SAN field is explained in detail here:
http://www.digicert.com/subject-alternative-name.htm
Please log in before posting. Registration is free and takes only a minute.
Existing account

NEW: Do you have a Google/GoogleMail, Yahoo or Facebook account? No registration required!
Log in with Google account | Log in with Yahoo account | Log in with Facebook account
No account? Register here.