https/ssl certificate signing for non *.commons.gc.cuny.edu domains
For sites that are not hosted under the *.commons.gc.cuny.edu domain, the existing https certificate does not verify, causing problems for loading pages in browsers that check the certificates, particularly when logged in. Would it be possible to somehow add individual sites to the certificate or to verify based on the *.gc.cuny.edu domain?
One of the big problems posed is when users are logged in to the commons and they visit one of the affected sites, some browsers (chrome) won't load resources that requested over http, which are requested as such because the ssl cert rejection causes the wordpress backend to default to http, or something along those lines...
The four specific sites for which I've observed this problem are:
#3 Updated by Boone Gorges almost 7 years ago
- Category name set to Server
- Assignee set to Boone Gorges
- Target version set to Not tracked
Thanks, Keith. I've made some changes on the server so that all https requests on pages not covered by the *.commons.gc.cuny.edu are now directed to their non-SSL counterparts. However, in my (somewhat limited) testing, I had mixed results: the redirect is working, but only after the server has actually been contacted; and trying to access eg https://pcp.gc.cuny.edu throws an "untrusted connection" browser warning before the site is even hit.
Will you test a little bit to see if what's currently in place is solving your problems? If not, could you be a bit more specific about the particular scenarios where the problem is being exhibited?
#4 Updated by Keith Miyake almost 7 years ago
- Status changed from Reporter Feedback to Resolved
You're awesome, Boone! Like you mentioned, I'm still getting the certificate warning if I go directly to https://pcp.gc.cuny.edu, but if I go to the non-ssl site it seems to work fine. And the primary problem--elements not loading because of mixed http/s when logged in--seems to be fixed since everything is loading over http now. I think we can mark this as closed.