SSL cert not working on main Discourse site

That’s odd. This is the first I saw this. But thanks for informing me. Try this link: https://avdisco.com/ instead.

2 Likes

Yup that works fine … looks like you either need to stop advertising the other link, or generate a certificate for it.

I did that on one of my sites, see: Setting up Let’s Encrypt with Multiple Domains - sysadmin - Discourse Meta

3 Likes

Or redirect www to the apex :smiley: that might be simpler.

3 Likes

@Desray, You have 3 links in the html in your www version. Use your browser inspector. One is a Mozilla link and two are I3C links. Change them to https and that should do the trick.

Thanks Jim. Anyway, I already added “www” to as a ‘A’ record to my DNS manager. This should fix the problem. Can try https://www.avdisco.com again.

BTW I’m using cloudflare DNS instead of my original domain hosting DNS manager for all my DNS needs. Furthermore it is also more secured and also faster.

1 Like

Nope. Still insecure. You have to change those 3 links from http to https.

Hmmn any step by step guide? TIA.

1 Like

I’ll PM you in a couple of minutes and we can take this to community.letsencrypt.org. There’s two guys on there right now who can guide you through it quickly. One other thing… you have TlS 1.0 & 1.0 enabled. Those encryption are outdated and should be disabled also.
This is off-topic so we can move the discussion in a few minutes.

1 Like

Thanks. Just a normal user and not trained in this web security field.

1 Like

Use my link. It will ensure your certificate is renewed on rebuild. You can achieve this on the command line too (that’s what the script ultimately does) but that will not renew you automatically.

1 Like

I also found out he didn’t include his www in his certificate. I let two guys know he was showing up and filled them in on what I found. He’s getting help right now as we speak. :smiley:

I’m not convinced you’ve understood my point.

1 Like

I’m confused. So what is the correct advice for me? LoL

Use the how-to I linked. It’s specifically for Discourse. It will embed automatic renewal in your rebuild process so whenever you ./launcher rebuild app. Sure you can use the command line and letsencrypt guys will be able to direct you to do that but then you will forget and it will expire again.