Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Security Certificate Question (on Drupal site)

gavroche

gavroche

macrumors 65816
Original poster
Oct 25, 2007
1,481
1,610
Left Coast
So i'm having a problem with my site. It stopped working (found out that the security certificate did not renew/setup properly). Sometimes the site would not load at all, others it would give an error message, and often clicking on pages caused it to give the warning box that the browser could not verify the authenticity of the site.
So after talking to my domain hoster GoDaddy... i opted to cancel the security certificate (i'd like to have someone change my payment method from the Authorize.net Gateway link, to just a simpler Paypal module). The tech guy at GoDaddy cancelled it... and said that it should take a couple hours for the change to propagate through their servers and my site should come back up.
It has come back up... however, clicking on some of the page links, or trying to proceed with placing an order, results in a page load error. Says that "Safari can't open the page "https://www.fleetfootcourier.com/......"
So it's still trying to load the secure page. Is this something that should be fixed on the server side... or do I have to get a web developer to go into the site and fix links/references in the site itself?
Help appreciated... i currently have no web page guy, the one that build my site disappeared.... :(
 
Just because you 'cancelled' (revoked) and SSL certificate, it doesn't mean your web server isn't going to stop listening on port 443. Turn off the SSL virtualhost stanzas so your webserver is only listening on port 80.

As far as why your original SSL certificate wasn't coming up verified, it's most likely because you didn't include the GoDaddy SSL certificate chain on your webserver's configuration.
 
ocabj said:
Just because you 'cancelled' (revoked) and SSL certificate, it doesn't mean your web server isn't going to stop listening on port 443. Turn off the SSL virtualhost stanzas so your webserver is only listening on port 80.

As far as why your original SSL certificate wasn't coming up verified, it's most likely because you didn't include the GoDaddy SSL certificate chain on your webserver's configuration.
Click to expand...

So as a complete website novice, is it possible for me to figure out how to.... turn off the SSL virtual host stanzas on my own?

And yes, when the certificate auto-renewed for another year... I didn't do anything... I assumed it would just update and work on its own. I have not had anyone doing maintenance on the site for a while. Not for lack of trying... I've emailed over a dozen website companies that advertise in my area (San Diego)... outlining what I need done on my site. Haven't gotten a single response. I finally dropped by a local place in person, and talked to someone.... just have to come up with the money he wanted for the work I need done (install paypal module, install auto-fill address suggestions in my address fields).
 
So when I log in as admin, under the "Configuration" and "System" Tabs... I see the following page.

Has a option for "enabled" and "disabled" for secured pages. It is currently set to "enabled." However, it does not let me select "disabled." Is this the right area for me to turn off references to secure pages... and if so how do i get it to let me disable it?
 

Attachments

  • Secure Pages.png
    Secure Pages.png
    116.1 KB · Views: 189
gavroche said:
So when I log in as admin, under the "Configuration" and "System" Tabs... I see the following page.

Has a option for "enabled" and "disabled" for secured pages. It is currently set to "enabled." However, it does not let me select "disabled." Is this the right area for me to turn off references to secure pages... and if so how do i get it to let me disable it?
Click to expand...

I've never used Drupal, but I'm guessing that controls whether or not it references https vs http links within the CMS, so I would assume you would use that interface to disable "secured pages". As far as why I won't let you disable in that context, you'll probably need to check the support documentation.

And that warning in the header about a security update should probably be addressed.
 
ocabj said:
I've never used Drupal, but I'm guessing that controls whether or not it references https vs http links within the CMS, so I would assume you would use that interface to disable "secured pages". As far as why I won't let you disable in that context, you'll probably need to check the support documentation.

And that warning in the header about a security update should probably be addressed.
Click to expand...

I cant figure out a way to let me switch it to disable secure pages. However, further down in the controls is a box where you can specifically list which pages to make secure, and I removed those listed. Works ok now.

As for the message about the security updates.... ugh. Seems like they release updates to the modules every week. Those alerts are neverending!
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back