This is an old revision of the document!


HTTPS on cloud/web hostings

Online.net proposes now the usage of HTTPS on its cloud hostings by default.

HTTPS allows to securize the exchanges between the client (visitor of your site) and the server (our platform)
It usually preferred for online shops, but HTTPS becomes more and more a standard on the web.

The certificate is automatically managed by [[{{:en:web:web-hosting:cloud-management:letsencrypt-logo-horizontal.png?100|}}

It is a new iniative that allows to generate SSL certificates that are known by all browsers and it is free.

SSL is only compatible with OS/browsers that support SNI (https://en.wikipedia.org/wiki/Server_Name_Indication). This means that the following clients can't connect to sites hosted in HTTPS:
  • Windows XP (IE6/IE7)
  • Android 2.x
  • Versions below iOS 4 (iPhone)

Conditions

  1. You have a ESSENTIAL or PERFORMANCE cloud hosting
  2. You have configured a DNS record pointing to pfXXX.mutu-perf.online.net [212.47.231.228] ( A record for the domain and an A or CNAME record for each subdomain (or A * / CNAME *)

How does it work?

Upon the creation of a subdomain or at each addition of an alias / linked domain a certificate is generated.

The site is then accessible via http://www.domain.tld or https://www.domain.tld

How to force HTTPS for the whole site

To force a site to accept SSL, such as a CMS, simply add the .htaccess file the following code:

RewriteEngine On
RewriteCond %{HTTP:HTTPS} !on
RewriteRule (.*) https://%{SERVER_NAME}/$1 [QSA,L,R=301]
       

Is it possible to disable?

To disable SSL, you need to put the following code in the .htaccess file

RewriteEngine On
RewriteCond %{HTTP:HTTPS} on
RewriteRule (.*) http://%{SERVER_NAME}/$1 [QSA,L,R=301]

Error messages

There are two types of errors that may occour.

Insecure connection

This may happen for example if the subdomain does not exist in the certificate.

In this case, you need to add the subdomain in the console, or if it exists already to add/deltete it - or to create another subdomain (this will force the regeneration of the certificate)

Connection error

This means there is no certificate for this domain. You need to verify the DNS records and force the regeneration by creating a subdomain

Notes

When using https, it needs to be used everywhere.

For example a site that loads for example JavaScript scripts or external images by http, will display a https alert in the browser (style “non Secure Content”).

In some cases it could not display it (Chrome did that in some cases).