What are the options with the new google https warning for DA hosts

Nexxterra.com

Verified User
Joined
Apr 22, 2006
Messages
212
Location
Miami Beach
What are the options with the new google https warning? We have worked for years building our shared hosting, some have hundreds or more clients and now, google pulls this BS... Most users are punching in passwords that show up year after year on the top 10 password list anyway!
What are our options as hosts?
Do we need to assign ips to each user and sell them a cert?
Is there a server wide option?
Why is google not recognizing a user generated cert?
This seems more like a money thing more than a security thing!
Thanks for any input...
 
What about Let's Encrypt? It's free and every user can install it within DA and DA itsellf will renew it automatically.

Google is not going to accept Let's Encrypt as valid SSL cert or what?

Best regards
 
SSL / HTTPS is better yes.

Letsencrypt is a SSL / HTTPS option also a good one yes.

BUT:
- Old server / VPS with older software OS and so on doesn't have always SNI and or possible right versions of SSL and some other software ( for letsencrypt you need this or all own IP's ) ;)
- You need more resources with SSL, and is slower.
- all the web sites have to be upgraded somehow.

So it is some/lot of work and costs ( not all Custommers want this kind of...), ofcourse it is better to have up to date machines , OS and software versions, ofcourse it is better to have that kind of sites with https. I totally agree!. ;)


This message from Chrome is almost the same as having other "to old" version of not secure enough software on your websites, as old ssl, as to old not save enough cyphers and so on, so look at it this way ...

This message is known for a long time now , so normally everyone / hosters should / could have their custommers giving a notice/warning.
A Marketing challenge / possibility that is ok to give that custommers a option to switch to newer VPS and also newer better contracts with ssl and helping them with their websites and so on , so see this positive from hosting point of view . ;)
 
Last edited:
Do I need to assign a dedicated IP to each client now?
I have not looked at ssl or certs in a long time.

Probable if long time, you also have to take a look at software versions first from OS, Directadmin, Custombuild, WEBAPps and so on so everything i think. ;)

After that wen the version are save secure version and the ones you need you can have a look at sni and then letsencrypt for example, this is the cheapest easiest way to solve.

Bu i have also told you to take care of all webapps and CMS ( as KOPAGE) if they are not ready to use https everywhere ............... also every client have to change / update their websites that good support for https ....

So you don't write/told wich versions, for a support here not so good. ;)

For web cms and other things as Websites this is not the right Forum you have to go there, for Directadmin, Directadmin basic provided Software, Custombuild, Custombuild "WEBAPPS", SNI, and Letsencrypt this is the right Forum i think. ;)

Andrea Iannucc: he told you and give you a hint so why not using Forum search , howto's directadmin and websearch for his advise?

Oyea Updating better Late then never, but to late is.....
 
Last edited:
The answer to MY question at the time I posted this was YES, an IP was needed for EACH ssl cert issued, HOWEVER, since then Directadmin and letsencrypt have advanced so that ssl certs from letsencrypt can use the servers shared IP. Once properly set up the new letsencrypt plugin for DA works also for your resellers even if the reseller is assigned a different IP.
 
Thank you Alex but I would have to do that for every domain then. Just leaving out https is easier in that case.
 
You're welcome. Please note all that can be automated, or you could use old way by modifying templates ;)
 
Back
Top