SSL Question.



  • Is there anything specific that needs to go into nginx or the config if I wanted to go 100% SSL? Or is it just a case of redirecting all http to https?

    I've turned on this universalSSL from cloudflare, but https:// doesn't work on my domain yet, so will wait a bit longer, I'm pretty sure I need a signed certificate still, but one step at a time.



  • From what I know, the whole point of the Universal SSL from Cloudflare is that you don't need your own certificate. It just takes a while to activate that option on an account.

    Not sure how it works with nginx, but with my own certificate I just had to configure nginx to use my cert, then redirect all links to https and preferably re-run the setup so you set the forum url starting with https.



  • Does universal SSL cause mixed content problems with browser?



  • @peter If you have mixed content in your browser, then yes. But that's something that will be addressed as they're spotted. (Using http:// instead of https:// in embedding plugins etc)



  • I'll send you a chat about this and see where you're at.


  • GNU/Linux Admin

    I believe the goals of the Universal SSL was to have zero configuration from your server.

    Simply put, turn it on, and you'll be able to access your site from https://yoursite.com

    What's the error you're seeing?



  • @julian said:

    At the minute, Firefox is unable to connect. However Cloudflare is still initializing the SSL. So it's probably just a matter of playing the waiting game, I wasn't sure if I needed a certificate on the server or anything like that or specific nginx configs, if it's just a case of changing http:// to https:// when it's up, I should be alright. 😆 I've been practicing my nano techniques.



  • Just as a general rant, I don't really like the Universal SSL idea. The whole point of SSL is that each site in particular can be trusted (or not); with U-SSL, in theory, if you manage to spoof a certificate then you can spoof any site using universal SSL.


  • GNU/Linux Admin

    Me neither. Typical SSL key allows two parties to share information, the client and the server. Cloudflare's Universal SSL ups that to three, with CF acting as the middleman.


Log in to reply
 

Suggested Topics

  • 2
  • 7
  • 4
  • 8
  • 4
| |