drchunks Posted February 13, 2018 Posted February 13, 2018 Hello,I just installed a WordPress site on Johnny and I have set up my registrar to point to the heliohost nameservers. My registrar (PorkBun.com) offers free SSL certificates through Let's Encrypt and when I went to install them two nights ago, the form in cpanel was able to automatically retrieve them. Install ways successful and I have even verified that what is installed in cpanel matches the ssl bundle that I downloaded form Porkbun. When I visit my domain (hipotlabs.com) without https, the page loads fine, however anytime I click a link in the page with https or manually prefix the url with https, I get the "website is not secure" page. If I choose to bypass the warning and proceed to the page, I get a "Index of /" header at the top of the page with the cgi-bin folder listed underneath. I read in the documentation about adding a folder under the home directory, and another folder within that to upload a separate file to verify ownership of the domain, but Porkbun does not seem to provide such a file from what I can tell. Please let me know if I've done something wrong or if that lack of verification file is the issue. Thanks in advance.
wolstech Posted February 13, 2018 Posted February 13, 2018 Usually that not secure error is a result of not waiting long enough (it takes up to 12 hours for Johnny to refresh and recognize SSL certs after installation), but considering you said it's been 2 days...I'm not sure what's up here. The fact you see a different site if you ignore the security warning is kind of odd...usually you get the same site with an invalid (usually self-signed) certificate. I'll let Krydos look at this further. Please note though that SSL barely works on Johnny, and it's known for being troublesome. You have to play with it until you get it working. I'd recommend moving to Ricky or Tommy if you can, they actually work reliably with SSL. Also, those servers don't even require you install a certificate for SSL since cPanel automatically gets one for you and renews it when it expires.
Krydos Posted February 13, 2018 Posted February 13, 2018 Try these instructions to install ssl http://wiki.helionet.org/Installing_a_Let%27s_Encrypt_SSL_Certificate
drchunks Posted February 13, 2018 Author Posted February 13, 2018 Krydos, So you're saying I can't use the certs provided to me by my registrar?
Krydos Posted February 13, 2018 Posted February 13, 2018 The certificates provided by your registrar don't seem to be working. Our instructions and your registrar's certificates come from the same place anyways: Let's Encrypt.
mrj Posted February 14, 2018 Posted February 14, 2018 As far as I know, Chrome doesn't show secure, not-secure or not fully secure flags based on your SSL or hosting. Please Read this.
wolstech Posted February 14, 2018 Posted February 14, 2018 It does when he can't even install the certificates on our end so Chrome sees them. He has a self-signed cert by default, and every browser in existence will squawk at that. Chrome will show a privacy warning, then if ignored, leaves an HTTPS in the bar that's crossed out in red because the cert is bad. The secure/not secure/green https/etc. is a different thing altogether in chrome, and is specific to chrome. Other browsers don't do that.
mrj Posted February 14, 2018 Posted February 14, 2018 @wolstech yes, only chrome has such issues. But they don't pop-up or something so I think that is not a big problem. Most peoples don't uses chrome also.
wolstech Posted February 14, 2018 Posted February 14, 2018 Most peoples don't uses chrome also.Er, yes they do. Chrome leads by 47% over the second most popular choice: https://netmarketshare.com/browser-market-share.aspx
Recommended Posts