I have added an domain pointer [301, no mail alias] but it is using the http instead of https re-direction, is there a ‘simple’ fix to change this behaviour because it generates at the moment a Warning: Potential Security Risk ahead when you browse to the pointer domain, not really nice and confusing.
At this time, the best method is to make a htaccess rule, either to redirect everything to https, or set up the pointer that way. This may be helpful: How to: Manage Advanced Settings via .htaccess in SiteWorx — InterWorx documentation
(I thought there was a feature request on file to give an option for https for pointers, if possible, but I don’t seem to see one, so I will create that, as well, but no guarantee or ETA).
Hi @IWorx-Jenna Jenna,
I tried to setup the pointer to https, but the pointer only accepts the domain name no http or https.
I talked to the devs about this and it seems that, currently, there is no way to make the redirect https unless you add your own outside certificate the covers https://pointerdomain.com
The reason for this is that, currently, it is not possible to generate an SSL cert from SiteWorx that covers 301 and 302 pointer domains. So the request downgrades to http since there isn’t a 443 entry in the vhost for the pointer. I am submitting a feature request, but, again, no ETA.
If you add an externally created SSL cert that covers the pointer domain, it should work because the pointer would have an entry under 443 in the vhost.
I hope your both well
I think (but could be wrong sorry), Nico is referring to the web browser stating insecure/untrusted on his pointer domains
We have seen this many times, and we delete the pointer and create a proper siteworx account, then we amend the vhost file only after putting a LE SSL on the domain
primary domain mysite.co.uk
Using a pointer means no SSL can be set on my2site.net, and when someone accesses in a browser http://my2site.net, it will change to https://mysite.co.uk as we put in vhost but when accessing https://my2site.net, the browser first attempts to bring the SSL which does not exits and uses the https of the www on server, it shows untrusted and waits for a user click on browser
So http site 1 to https site 2 is no issue but https site 1 to https site 2 is an issue due to no correct SSL for site 1 on pointer
Sorry @iworx-jenna beat me to it…
So the workaround is to delete the pointer domain, create the what was pointer domain to a siteworx account, create a LE SSL and delete the index.html file, create a new index.html with the following:
This then allows LE SSL to autorenew and directs http and https requests to correct domain