Welcome to WebmasterWorld Guest from 54.163.35.238

Forum Moderators: ergophobe

Message Too Old, No Replies

ssl exception in browser - best practice

     

erpo

8:44 am on Aug 23, 2010 (gmt 0)

5+ Year Member



Hello All,

If I tell you

"Please have a look at my demo site [demo.mydomain.tld"....]
My SSL certificate is only valid for www.mydomain.tld, so your browser will complain and you will have to add an exception to access the site.
",

there is no problem for you to connect on my demo site.

But if I say the same to my mother in law, the result can't be predicted.

So I'm looking for a cool way to set ssl exceptions in popular browsers.

Any suggestion ? (other than "get a wildcard certificate" and "use another url")

TIA

phranque

10:55 am on Aug 23, 2010 (gmt 0)

WebmasterWorld Administrator phranque is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



welcome to WebmasterWorld [webmasterworld.com], erpo!

this is all under user control in the browser and can't be affected by the server or even by a client-side script such as javascript nor embedded app such as java or flash.
perhaps an add-on/plugin could bypass the ssl exception dialog.

jdMorgan

11:32 am on Aug 23, 2010 (gmt 0)

WebmasterWorld Senior Member jdmorgan is a WebmasterWorld Top Contributor of All Time 10+ Year Member



The best solution is to get a "wild-card" SSL certificate that applies to both example.com and www.example.com and <anything>.example.com

Jim

erpo

1:15 pm on Aug 23, 2010 (gmt 0)

5+ Year Member



@phranque:

I know that user collaboration is needed.

I just want to ease the process. In my particular case, access is only by invitation, each user receives a mail before connecting. I could attach an executable and ask the user to run it.

Or I could send the certificate with detailed instructions ?

rocknbil

5:20 pm on Aug 23, 2010 (gmt 0)

WebmasterWorld Senior Member rocknbil is a WebmasterWorld Top Contributor of All Time 10+ Year Member



Why not run the demo in a directory of the parent instead of a subdomain?

erpo

6:04 pm on Aug 23, 2010 (gmt 0)

5+ Year Member



Redesigning (or correct design mistakes as you could call it) is not an option.

I created this thread to make sure there were no easy way to solve my problem without purchasing another certificate.

I'll try first with instructions in the invitation mail. If it causes too much trouble to my users, I'll purchase a wildcard certificate.

Thank you for your time.
 

Featured Threads

Hot Threads This Week

Hot Threads This Month