2 Lessons (12m)
    • 1. 94 Configuring 301 Redirects to HTTPS

    • 2. 95 Custom TLS Certificate Summary

About This Class

This course is all about securing websites with SSL/TLS certificates.

1. 94 Configuring 301 Redirects to HTTPS: in the previous lecture, Weaker found out that our website is actually accessible via http https with three W's end without three W's, and our goal is to redirect all requests. Toe this your l https and without three W's. This will be our main Ural, and in order to do that, we will need to modify configuration off our server block, and we will add such instructions at this one. Return 301 and this your L. We will redirect all requests toe https, Tila scores dot com, and we will need to modify existing server blocks and add one or two additional several blocks. Let's do that, and let's modify our integration located in this file. Let me quit your name off the file Nana and based name on the file Antam. And here you see my current configuration. There are two Serra blocks. One listens to Port 80 and another listens to port for for three. And in both Sarah blocks, several name is equal to tell us scores dot com and www Stella scores that come. That's why I am able to access my website. Eyes are with www graphics without it. Same for Nazar several block this one. Let me actually make it a little bit smaller in orderto feed it toe the window and let's no try to modify our several blocks. And first what I will do. I'll add the 301 redirect toe discs ever block, and I'll simply remove location. He him. I can use control cakey combination in order to delete line, delete those three lines. And now I'll add one more new line here and use this option. Return three Counted one and this euro What may copy it and paste here. Now, all requests via http to deal a scores that come or www still a score that come will be automatically redirected to https. Tila scores but come And this indicates remaining part in the Ural. For example, if someone requests your l http three W's dot taylor scores dot com slash about slash mean this bureau will be redirected to https without www Stella schools that come slash about slash me and well, you off this variable will be actually equal toe this section in this case. Okay, let me delete this line. Control Kate. Okay. We are done for issue to be sever block, and now we can actually very fight how it works. Let's save the file exit and let's start Sarah system see Deal Restart and Jane X Enter Server was restarted and let's no try to test access by http toe. Our website. Let me clear terminal and less again use Coral Command. And here I'll use http with three W's Enter and I get Answer moved permanently and location is https deal a schools dot com. Same will happen if I will try to access my website or http without three W's like that. Enter again. 301 moved prominently, and new location is the same as in previous request. Https Della scores. But come, let's no test this in Firefox. And let's simply refresh this page Refresh and I was redirected to https. Tila scores dot com. It means that this redirect works correctly, but if I will try to access my website over https and with graphics three W's, I'll still get 200 okay, and our final task is to redirect those requests also to https Stella schools dot com. And let's do that. Let me clear Council and let's again open our file for editing this one and we will need toe. And actually one more server block There is already disc several block that listens to port for for three and several name. Here is still a scores dot com and www Stella scores, but come and our goal is to serve on Lee content for Telus course dot com and redirect all requests to this Ural off course. If glands connect over issue TBS and let's modify the Serra Block and I'll remove www dot l . A. Schools that come from here and leave on Lee tell a scores, but come like that. And now I'll add one more sever block after this one. Let me again make it smaller like that and large window and let me actually, Corp in this entire block like that and based it here like that. And now I'll modify this corporate block as a cell will remain on, as the certificates will remain the same as before. As a self certificate, he will also remain in place. But I'll delete this line. Control K. Delete this one as well. This line. I'll change toe several name www, still a scores dot com. Next, I'll remove location, control, K Control K and Control K. And here I'll add Roy direct instructions. Let me get back to note that and the corporate this command copy it and paste it. And that means that if someone will access our Web server by https and in their quest, several name will include www Stella scores that come. I will redirect those requests toe https version off my website and actually have just realized that I could remove also unneeded lions in http section and I would remove this line with location off files. I don't need it, and this line would be removed as well, because actually, in this case, I don't settle content by a port 80 and all requests are directed toe https and no, we're all set. We have this Serra bloke with sport 18. Next comes Sever Block that will serve content on Lee. 40 less course don't come without three W's, and in this section we will redirect requests. Www. Still, of course, the poem by https do this euro without three W's and the less no tested. Let's save the file control. Oh right, the file exit and let's clear the council and The Lord and Jane X Web Serra System See Deal Lelord and Jay Nix Antara. Reload was successful and now let's verify connection Toe https Whisk three W's Here What is Enter and I get correct. Response 301 moved permanently and location is https. Deal a schools dot com Let's no try to access. Actually, our main website, let's say without three W's and over https enter. And now I get correct. Response 200. Okay, and that means that everything works correctly. Let's find delivery. Fight that in Firefox, for example. And let me add here three W's and let me try to access website over https and, uh, probably or load the page here and now. I was redirected to https. Same will happen with http requests. Let's get back to groom, actually, and less right or a fresh page here and verify where's are all works as before, Refresh page and I see page same as before. Also, we can use some online jackers off redirects, jacker, resurrects and through him, and let's Glicken discourse link and enter my website Della schools dot com on the lies And here below I see response. Congratulations. Everything seems to be fine if I request my website over http, I get response. 301 moved permanently. And if request comes to https Deal, Of course that come then. Response is 200. Okay. And here, you see results off this testing. Also, we can check Http with three W's like that on the lies school down. And here again, we could answer 301. Moved permanently, and location is https. Deal a scores dot com and dis request. So this Ural is successful. And server it don't scold 200. Okay. And that is great. Okay, Now, always said we have tele certificates installed on our Web server week of Confused Girl to a direct and our main site, east https dealer scores dot com. And after the small post, let's actually summarize what we did in this section. I'll see you in a moment. Bye bye. 2. 95 Custom TLS Certificate Summary: in this lecture. Let's summarize what we did so far in this large section. Week of request free as a self certificate at Sect Eagle. It is valid for 90 days, but it is signed by the same Cerro's that sign paid certificates Week of God certificate whisk domain validation. And here you see that in certificates in subject name, there was no debt. The certificates has the main control validated. Week of greed certificate silent request using open as a cell. Then we have submitted this CSR here at this website. And here was the result off submission. We could perform the domain control validation and we have added see name record in the DNS panel here, a digital ocean. And here was this record. And after modifying this record, we have successfully got our certificates by email. In this archive, we have also received intermediate certificates. Here it is sacked Iga Arce domain and someone and we have installed the certificate as well on our web, Sarah. And if I'll go to my Web Sarah and change directory to BTC slash as a cell and open file till s schools don't come to Pam here, I'll see two certificates. Here was my throat certificates, my own certificate. And here next come certificates off. Intermediate, say several. And after that, finally, we have modified settings off our web, Sarah, and we have added resurrects. And if I look at my configuration file here got and this file, you'll see no. Three several blocks here. We redirect all http, request isa to tell us girls that come or www still escorted Come toe https without three W's Here we settle continent by https Onley four Telus course not comb. And here in this last section, we redirect https requests whisks, redouble use to issue to be us without three W's and that's all for several set up. Okay, I hope that you enjoyed this large section. And I'll see you after the small polls. Bye bye.