SSL Question.

General Discussion
  • #1

    Is there anything specific that needs to go into nginx or the config if I wanted to go 100% SSL? Or is it just a case of redirecting all http to https?

    I've turned on this universalSSL from cloudflare, but https:// doesn't work on my domain yet, so will wait a bit longer, I'm pretty sure I need a signed certificate still, but one step at a time.

  • #2

    From what I know, the whole point of the Universal SSL from Cloudflare is that you don't need your own certificate. It just takes a while to activate that option on an account.

    Not sure how it works with nginx, but with my own certificate I just had to configure nginx to use my cert, then redirect all links to https and preferably re-run the setup so you set the forum url starting with https.

  • #3

    Does universal SSL cause mixed content problems with browser?

  • #4

    @peter If you have mixed content in your browser, then yes. But that's something that will be addressed as they're spotted. (Using http:// instead of https:// in embedding plugins etc)

  • #5

    I'll send you a chat about this and see where you're at.

  • GNU/Linux
    #6

    I believe the goals of the Universal SSL was to have zero configuration from your server.

    Simply put, turn it on, and you'll be able to access your site from https://yoursite.com

    What's the error you're seeing?

  • #7

    @julian said:

    At the minute, Firefox is unable to connect. However Cloudflare is still initializing the SSL. So it's probably just a matter of playing the waiting game, I wasn't sure if I needed a certificate on the server or anything like that or specific nginx configs, if it's just a case of changing http:// to https:// when it's up, I should be alright. 😆 I've been practicing my nano techniques.

  • #8

    Just as a general rant, I don't really like the Universal SSL idea. The whole point of SSL is that each site in particular can be trusted (or not); with U-SSL, in theory, if you manage to spoof a certificate then you can spoof any site using universal SSL.

  • GNU/Linux
    #9

    Me neither. Typical SSL key allows two parties to share information, the client and the server. Cloudflare's Universal SSL ups that to three, with CF acting as the middleman.


Suggested Topics


  • SSO questions

    General Discussion
    0 Votes
    3 Posts
    470 Views

  • 0 Votes
    5 Posts
    1951 Views

  • 0 Votes
    6 Posts
    6179 Views

  • 0 Votes
    20 Posts
    3778 Views

  • 0 Votes
    5 Posts
    1774 Views

| | | |