Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

https://www.openemu.org has bad certificate #8

Open
lilyball opened this issue Apr 17, 2019 · 7 comments
Open

https://www.openemu.org has bad certificate #8

lilyball opened this issue Apr 17, 2019 · 7 comments

Comments

@lilyball
Copy link

Trying to visit https://www.openemu.org serves me a certificate for www.github.com. The bare https://openemu.org works.
@clobber
Copy link
Member

clobber commented Apr 17, 2019
edited

Am aware. This is a side effect of GitHub's new support for automatic HTTPS for custom hosted domains (and some browsers like Safari's address bar sometimes forcing a www subdomain in front of the apex domain for typed-in addresses). I've seen this reported and unresolved by other projects -- the fix I assume is at the DNS level. In the mean time, our official URL is openemu.org and accessible via https/http without the www as always.

@clobber clobber transferred this issue from OpenEmu/OpenEmu Apr 17, 2019
@craigerskine
Copy link
Member

Does github allow .htaccess so we could write a redirect to force the url to https sans www? I do this on all my linux hosted sites and it works very well.

@lilyball
Copy link
Author

@craigerskine That presupposes being able to even talk to the site in the first place. You can't redirect someone if they don't accept your certificate.

@skyzyx
Copy link

skyzyx commented Jun 23, 2019

The certificate is working correctly for my GitHub Pages-hosted website. This is probably worth another look in the preferences.

@Triloworld
Copy link

It is done in DNS level as docs say: https://help.github.com/en/github/working-with-github-pages/managing-a-custom-domain-for-your-github-pages-site#configuring-an-apex-domain

So somebody just need to login to Namecheap (registar and DNS provider) and add that "www" subdomain as a CNAME/ALIAS.

@clobber
Copy link
Member

clobber commented Nov 24, 2019

@Triloworld Thanks for the 2 cents, but everything is configured properly at the DNS level, including the CNAME record. The issue is that GitHub only generates a certificate for the apex domain and no wildcards or www subdomains, so trying to resolve https://www.openemu.org simply will not work and browsers will rightly complain about it. I've seen enough complaints on GitHub forums already requesting they change the certificates.

This is not our problem. The OpenEmu domain is openemu.org and not www.openemu.org.

@clobber clobber mentioned this issue Jan 29, 2021
Closed
@Triloworld
Copy link

@clobber it's working now fine - there is now proper redirect and ssl cert with alternatives names :)
For further reference: https://www.ssllabs.com/ssltest/analyze.html?d=openemu.org&hideResults=on&latest

DNS CAA records missing to add some security and seo boost point (guide: https://nikhilshares.medium.com/publishing-github-page-website-on-a-custom-domain-with-https-enforcement-c034e1e53415#67b4) - Value to add letsencrypt.org in CAA record for domain and all subdomain for futher development as branch previews.

openemu.org.  CAA 0 issue "letsencrypt.org"
openemu.org.  CAA 0 issuewild "letsencrypt.org"

Thx for great work.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@lilyball @skyzyx @craigerskine @clobber @Triloworld