Due to changes in Apple, Mozilla and Google Root Store Policies, as of September 1, 2020, newly issued SSL/TLS certificates with a validity period greater than 13 months (397 days) are prohibited by policy and will not be trusted. https://www.globalsign.com/en/blog/maximum-ssltls-certificate-validity-now-one-year https://blog.mozilla.org/security/2020/07/09/reducing-tls-certificate-lifespans-to-398-days/ […]
LetsEncrypt Windows
LetsEncrypt provide Free SSL with 90 day validity. You need to renew it every 90 days, there are software to do this. For windows some of the popular software are. win-acme This is a small exe file, it have command line interface (No GUI). You need to run this program ad Administrator (Run as Administrator), […]
Redirect a site to HTTPS using PHP
This PHP script will redirect web site visitor to HTTPS (SSL) url. You can add this in your index.php of the web site
|
1 2 3 4 5 6 |
if (empty($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != "on" ) { header("HTTP/1.1 301 Moved Permanently"); $newUrl = "https://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']; Header("Location: $newUrl"); exit; } |
Move a site to new URL using PHP
|
1 2 3 4 |
$newUrl = "https://NEW-URL-HERE" . $_SERVER['REQUEST_URI']; header("HTTP/1.1 301 Moved Permanently"); Header("Location: $newUrl"); exit; |
You can also use Apache mod_rewrite .htacess to do the redirection. […]
IIS redirect site to HTTPS
To force a site to always use HTTPS, add following content to web.config file.
|
1 2 3 4 5 6 7 |
<rule name="HTTPSOK" stopProcessing="true"> <match url="(.*)" /> <conditions> <add input="{HTTPS}" pattern="^OFF$" /> </conditions> <action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" /> </rule> |
Here is full web.config file for a web site that use WordPress and Force SSL
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 |
<?xml version="1.0" encoding="UTF-8"?> <configuration> <system.webServer> <handlers> <remove name="PHP_via_FastCGI" /> <add name="PHP_via_FastCGI" path="*.php" verb="GET,HEAD,POST" modules="FastCgiModule" scriptProcessor="C:\Program Files (x86)\PHP\v5.3\php-cgi.exe" resourceType="Either" requireAccess="Script" /> </handlers> <rewrite> <rules> <rule name="SEO friendly URL " patternSyntax="Wildcard"> <match url="*" /> <conditions> <add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" /> <add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true" /> </conditions> <action type="Rewrite" url="index.php" /> </rule> <rule name="HTTPSOK" stopProcessing="true"> <match url="(.*)" /> <conditions> <add input="{HTTPS}" pattern="^OFF$" /> </conditions> <action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" /> </rule></rules> </rewrite> </system.webServer> </configuration> |
[…]
Remove SSL private key password
To remove password from SSL private key, run
|
1 |
openssl rsa -in PASSWORD_PROTECTED.key -out NO_PASSWORD.key |
This will ask for password. Once you enter password, key get saved with out password. […]
Convert SSL certificate into PFX format
To convert SSL certficiate into PFX format, run
|
1 |
openssl pkcs12 -export -out certificate.pfx -inkey private-key.key -in certificate.crt -certfile ca-certificate.crt |
Example for SSL from namecheap/ssls
|
1 |
openssl pkcs12 -export -out certificate.pfx -inkey serverok_in_key.txt -in serverok.in/serverok.in.crt -certfile serverok.in/serverok.in.ca-bundle |
[…]
Purchase SSL
Here are some cheap SSL providers https://www.sslforfree.com/ https://zerossl.com https://www.ssls.com/ https://www.gogetssl.com https://www.namecheap.com/security/ssl-certificates/comodo/ See SSL […]
ssl checker
Here is few web sites where you can check your SSL certificate is installed properly. https://www.ssllabs.com/ssltest/ https://cryptoreport.websecurity.symantec.com/checker/ https://sslanalyzer.comodoca.com/ See SSL […]
Enable SSL in Magento 1.9
To enable SSL in Magento, go to System > Configuration Click on “Web” link on left menu. On this page, set Auto-redirect to Base URL to No. Under “Unsecure” option, change the URL to use HTTPS. Under “Secure” option, set “https” for Base URL. Set “Yes” for both “Use Secure URLs in Frontend” and “Use […]
Convert PFX SSL Certificate
Mcrosoft Azure App Certificate is used to secure Azure App Services, now they allow export of this SSL certificate in PFX format, so it can be used in other services like Azure VM or third party applications. You need to use a powershell script provided by Microsoft to do the Export. To use the SSL […]