cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Go to solution
Highlighted
New

SSL and CNAMEs

Hello, I use a storefront service called Limited Run that lets you point CNAME records at it to use custom domains.

 

While the base site is SSL secured, that service is no longer extended when you use a custom domain. I've been told that this isn't a major security concern because the cart, the part of the site where people go through with their transactions, is still SSL secured (as either an iframe or separate window depending on visitor preferences).

 

But that doesn't do anything to assuage visitors who see 'NOT SECURE' in their address bar most of the time.

 

So, I've been trying to figure out what the best solution would be! We don't need any sort of advanced security, because LR handles the stuff that needs it just fine.

 

Would purchasing an UCC/SAN or Wildcard SSL make the aliased domain possible to connect to through HTTPS? Another useful note is that in this context, I only use GoDaddy for domain hosting, there's no webserver involved that I have access to.

1 ACCEPTED SOLUTION

Accepted Solutions
Community Manager
Community Manager
Solution

Re: SSL and CNAMEs

@öö In order for HTTPS to work, the connection has to find an SSL Certificate that covers the specific URL at the IP the URL is pointing to. Using something like our forwarding service wouldn't work as that changes the IP your domain points to. However, the example site you gave uses Cloudflare's DNS/caching service. I'm not fully versed in how that works, but I believe it pulls a copy of the site from the provider and hosts it on their end, so they are able to secure it with a valid SSL Certificate. You may want to look into their services in your situation. 

 

JesseW - GoDaddy | Community Manager | 24/7 support available at x.co/247support | Remember to choose a solution and give kudos.

View solution in original post

5 REPLIES 5
Highlighted
Community Manager
Community Manager

Re: SSL and CNAMEs

Hi @öö. Thanks for being part of GoDaddy Community! In order to use HTTPS, an SSL Certificate would need to be installed on the web server that your domain is pointed to. If LR would allow you to install a certificate, then purchasing and requesting one would work. Otherwise, there wouldn't be a point in purchasing a certificate. I hope that helps. 

 

JesseW - GoDaddy | Community Manager | 24/7 support available at x.co/247support | Remember to choose a solution and give kudos.
Highlighted
New

Re: SSL and CNAMEs

Thanks @JesseW, that's what I was thinking, but I'm still pretty new to the world of SSL and wanted to make sure.

 

Expanding the scope a little, let's suppose I added web server hosting to the domain I wanted to have a LR subdomain of. If I were to simply forward the bare domain--let's call it mystore.com--to www.mystore.com, which would be the aliased LR storefront, would an SSL I purchase and host at the mystore.com server be able to cover it?

 

I know for a fact that some Limited Run stores use SSL on custom domains, like this one, so it's certainly possible. Just trying the best (and simplest) way to do the same.

Community Manager
Community Manager
Solution

Re: SSL and CNAMEs

@öö In order for HTTPS to work, the connection has to find an SSL Certificate that covers the specific URL at the IP the URL is pointing to. Using something like our forwarding service wouldn't work as that changes the IP your domain points to. However, the example site you gave uses Cloudflare's DNS/caching service. I'm not fully versed in how that works, but I believe it pulls a copy of the site from the provider and hosts it on their end, so they are able to secure it with a valid SSL Certificate. You may want to look into their services in your situation. 

 

JesseW - GoDaddy | Community Manager | 24/7 support available at x.co/247support | Remember to choose a solution and give kudos.

View solution in original post

Highlighted
New

Re: SSL and CNAMEs

I gave Cloudflare a shot a while back and had difficulty getting it to work
nicely with the store cookies/JS, but I did some more digging and came
across their cache level/page rule systems. Got something working - can't
believe it was under my nose the whole time!

Thanks for the info, Jesse.

 

(edited to remove signature -- oops!)

Highlighted
Community Manager
Community Manager

Re: SSL and CNAMEs

@öö Awesome. Glad you got it worked out!

 

JesseW - GoDaddy | Community Manager | 24/7 support available at x.co/247support | Remember to choose a solution and give kudos.