[google-appengine] Re: Naked https (SSL) domain?
Hello Thomas, You can use a “naked” domain rather than the default address that App Engine provided for your app by updating the DNS records as shown here[1]. [1] https://cloud.google.com/appengine/docs/standard/python/mapping-custom-domains?hl=en On Sunday, July 22, 2012 at 1:13:23 PM UTC-4, Thomas Wiradikusuma wrote: > > > Hi guys, > > I'm using GAE's official SSL SNI support in my app. Opening > https://www.temanmudik.com is fine. But opening https://temanmudik.com > (naked domain) gives warning (in Chrome) that essentially says, "Hey, the > cert is not for temanmudik.com, it's Google's". Non-SSL ( > http://temanmudik.com) properly redirects to www. My appid is "neytap". > > So I got creative, I logged in to enom (from Google Apps) then removed all > A mappings (@ -> google IPs) and replaced them with one URL Redirect (@ -> > http://www.temanmudik.com). Non-SSL naked domain is still working, but > now Chrome gives me "This webpage is not available. Google Chrome's > connection attempt to temanmudik.com was rejected. The website may be > down, or your network may not be properly configured." when I try to access > https://temanmudik.com. > > Anyone know how to properly redirect naked https domain in GAE? I notice > there is similar question in this forum ( > https://groups.google.com/forum/?fromgroups#!newtopic/google-appengine/google-appengine/A-8I1X9vouk), > > but it's 2009 and uses unofficial SSL support. > -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To unsubscribe from this group and stop receiving emails from it, send an email to google-appengine+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/google-appengine/b8a6b02c-c54e-48c4-9b9f-372a1fdf5292%40googlegroups.com.
[google-appengine] Re: Naked https (SSL) domain?
You basically need to have a separate server be able to handle the root (naked) domain and serve up a SSL certificate. A lot of services, such as Google App Engine do not do this for you, so you need something else capable of doing it. You could also use https://redirectssl.com it has free redirects up to a certain amount. *Disclaimer: I am the developer behind the service, I understand self promotion is wrong and that is not my intention, this thread has been referenced a lot by people and I want to offer a modern alternative.* On Sunday, 22 July 2012 14:13:23 UTC-3, Thomas Wiradikusuma wrote: > > > Hi guys, > > I'm using GAE's official SSL SNI support in my app. Opening > https://www.temanmudik.com is fine. But opening https://temanmudik.com > (naked domain) gives warning (in Chrome) that essentially says, "Hey, the > cert is not for temanmudik.com, it's Google's". Non-SSL ( > http://temanmudik.com) properly redirects to www. My appid is "neytap". > > So I got creative, I logged in to enom (from Google Apps) then removed all > A mappings (@ -> google IPs) and replaced them with one URL Redirect (@ -> > http://www.temanmudik.com). Non-SSL naked domain is still working, but > now Chrome gives me "This webpage is not available. Google Chrome's > connection attempt to temanmudik.com was rejected. The website may be > down, or your network may not be properly configured." when I try to access > https://temanmudik.com. > > Anyone know how to properly redirect naked https domain in GAE? I notice > there is similar question in this forum ( > https://groups.google.com/forum/?fromgroups#!newtopic/google-appengine/google-appengine/A-8I1X9vouk), > > but it's 2009 and uses unofficial SSL support. > -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To unsubscribe from this group and stop receiving emails from it, send an email to google-appengine+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/google-appengine/c53eb090-44ee-4b98-aa89-c38db24dbe5d%40googlegroups.com.
[google-appengine] Re: Naked https (SSL) domain?
Waleed, VIP does not solve this issue. You get the same SSL cert warning. They imply that the IP could change at any time so I would not rely on it being the same for multiple requests. Thomas, If you just want a redirect you could set up a VPS that does the redirect for you and uses either your cert or a different free one (startssl.com) so that any requests to it over SSL don't give a cert warning. A server running Apache with an .htaccess file doing the redirect would be enough for this. Unfortunately it will cost you a monthly fee to keep the VPS running. Maybe there is a business opportunity there for someone to set up a service that does exactly this redirect. I think wwwizer only works for non-SSL redirects. If you want to host your site on a naked domain then I think you have to use a reverse proxy on your own VPS for now. Careful with this path though as you would be adding a single point of failure in front of your app unless you load balance across multiple reverse proxies (which will probably cost a lot). - Bryce On Sunday, July 22, 2012 10:13:23 AM UTC-7, Thomas Wiradikusuma wrote: Hi guys, I'm using GAE's official SSL SNI support in my app. Opening https://www.temanmudik.com is fine. But opening https://temanmudik.com(naked domain) gives warning (in Chrome) that essentially says, Hey, the cert is not for temanmudik.com, it's Google's. Non-SSL ( http://temanmudik.com) properly redirects to www. My appid is neytap. So I got creative, I logged in to enom (from Google Apps) then removed all A mappings (@ - google IPs) and replaced them with one URL Redirect (@ - http://www.temanmudik.com). Non-SSL naked domain is still working, but now Chrome gives me This webpage is not available. Google Chrome's connection attempt to temanmudik.com was rejected. The website may be down, or your network may not be properly configured. when I try to access https://temanmudik.com. Anyone know how to properly redirect naked https domain in GAE? I notice there is similar question in this forum ( https://groups.google.com/forum/?fromgroups#!newtopic/google-appengine/google-appengine/A-8I1X9vouk), but it's 2009 and uses unofficial SSL support. -- You received this message because you are subscribed to the Google Groups Google App Engine group. To view this discussion on the web visit https://groups.google.com/d/msg/google-appengine/-/wxlGXH9GpiQJ. To post to this group, send email to google-appengine@googlegroups.com. To unsubscribe from this group, send email to google-appengine+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.