EmailDiscussions.com  

Go Back   EmailDiscussions.com > Email Service Provider-specific Forums > FastMail Forum
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read
Stay in touch wirelessly

FastMail Forum All posts relating to FastMail.FM should go here: suggestions, comments, requests for help, complaints, technical issues etc.

Reply
 
Thread Tools
Old 6 Sep 2018, 03:51 PM   #1
edu
Senior Member
 
Join Date: Jun 2016
Posts: 170
Secure websites on FastMail

Published today:

https://fastmail.blog/2018/09/06/sec...bsite-support/

In my case, I tried the steps in my websites and they don't work, and I automatically received emails saying FM will try again and will tell me when it works.

Did it work for you?
edu is offline   Reply With Quote

Old 6 Sep 2018, 04:14 PM   #2
edu
Senior Member
 
Join Date: Jun 2016
Posts: 170
Wow!!
After some minutes I've received new emails telling me that after some problems now it works.

Great!
edu is offline   Reply With Quote
Old 6 Sep 2018, 04:22 PM   #3
FredOnline
The "e" in e-mail
 
Join Date: Apr 2011
Location: Manchester UK
Posts: 2,082
Just went in and checked the secure box on each of my personal website pages, then did a CTRL+F5 on one of my web pages to test, and it's got the padlock - connection is secure.
FredOnline is offline   Reply With Quote
Old 7 Sep 2018, 01:40 AM   #4
alawyer
Junior Member
 
Join Date: Sep 2018
Posts: 1
This is great.

Have been waiting for this.

Can now start moving basic sites across to FM so no need to pay for hosting.

Might they support WP one day?
alawyer is offline   Reply With Quote
Old 7 Sep 2018, 05:49 AM   #5
yositimy
Member
 
Join Date: Jul 2004
Posts: 42
I checked the box to secure my website(s).

I get a "The security certificate presented by this website was issued for a different website's address" from exploder. I get a" certificate name does not match error" from safari, Firefox doesn't seem to mind.


So its not working for me at the moment... or there is more to it than checking a box. I did open a support ticket.
yositimy is offline   Reply With Quote
Old 7 Sep 2018, 11:29 AM   #6
Terry
The "e" in e-mail
 
Join Date: Jul 2002
Location: VK4
Posts: 2,592
silly question but I suppose you did click save
Terry is offline   Reply With Quote
Old 7 Sep 2018, 11:59 PM   #7
yositimy
Member
 
Join Date: Jul 2004
Posts: 42
Yes, saved. If I click the open anyway button on the browser, the page will open and the default browser trust settings are modified. Subsequently, the page opens without issue.... with the padlock.

I can see the certificate issued and review it. From my amateur mindset, I don't see anything wrong with it.
yositimy is offline   Reply With Quote
Old 8 Sep 2018, 12:29 AM   #8
BritTim
The "e" in e-mail
 
Join Date: May 2003
Location: mostly in Thailand
Posts: 2,673
Quote:
Originally Posted by yositimy View Post
Yes, saved. If I click the open anyway button on the browser, the page will open and the default browser trust settings are modified. Subsequently, the page opens without issue.... with the padlock.

I can see the certificate issued and review it. From my amateur mindset, I don't see anything wrong with it.
This feels like a web of trust issue. Are you using a recent version of a major browser?
BritTim is offline   Reply With Quote
Old 8 Sep 2018, 04:08 AM   #9
yositimy
Member
 
Join Date: Jul 2004
Posts: 42
Yes, most current Safari and Exploder. Firefox doesn't seem to mind, although it may be a couple versions behind.

Exploder says the error indicates the certificate presented was issued for a different website's address. Safari says there is a host name mismatch.

I noticed that the name and DNS fields on my other certificates have both" www.*****.com" and "*****.com" listed where Fastmail's contains only "******.com"


If I select visit site anyway, my browser trust settings get updated and I can then open the page without issue.

Anyway, I'm virtually clueless in this area and just report what I see.

Edit: The latest Firefox version does the same thing. The FireFox error message says the certificate is only valid for *****.com. not valid for www.*****.com.

Error code is: SSL_ERROR_BAD_CERT_DOMAIN

Last edited by yositimy : 8 Sep 2018 at 10:03 AM.
yositimy is offline   Reply With Quote
Old 8 Sep 2018, 02:49 PM   #10
FredOnline
The "e" in e-mail
 
Join Date: Apr 2011
Location: Manchester UK
Posts: 2,082
Are your web pages on a personal domain or using the FastMail domain?

https://www.fastmail.com/help/files/secure-website.html

Currently we're unable to provide certificates for wildcard websites and websites on FastMail domains (such as fastmail.com)
FredOnline is offline   Reply With Quote
Old 8 Sep 2018, 11:38 PM   #11
yositimy
Member
 
Join Date: Jul 2004
Posts: 42
No I have the right kind of domain. For example, lets say we are talking about the personal domain abcde.com and the "abcde.com" domain registrar is not fastmail. Fastmail is the host for abcde.com and obtained the certificate from lets encrypt, so it passed all those tests. I have fastmail domains also, but the control panel won't let you secure them.

If someone types into the browser "abcde.com" its seamless

If someone types in "www.abcde.com" with a current browser, they get an error until they trust the site and modify their trust settings. With some older browsers, the user won't get an error.

The padlock shows up regardless.


My other certificates for domains hosted elsewhere would have both "abcde.com". and "www.abcde.com" listed in the certificates. So it doesn't seem to matter if they type in www or not or if off site "redirect" pages have www in the link address or not.


I think that may be the issue.

Last edited by yositimy : 8 Sep 2018 at 11:44 PM.
yositimy is offline   Reply With Quote
Old 8 Sep 2018, 11:46 PM   #12
FredOnline
The "e" in e-mail
 
Join Date: Apr 2011
Location: Manchester UK
Posts: 2,082
In your FastMail accounts for websites, do you have www.abcde.com set up to redirect to abcde.com?
FredOnline is offline   Reply With Quote
Old 9 Sep 2018, 06:14 AM   #13
yositimy
Member
 
Join Date: Jul 2004
Posts: 42
Thanks

I don't have have redirects, as I understand them, which has not been an issue. When toying with it years ago, I never had luck with redirects, fastmail could never seem to find the target.

I created a new website in my account "www.abcde.com" that has the same target files a "abcde.com" and now I do not received errors when opening the pages.

I have a couple websites that will need new entries, if this is the right way to go about this.

By the way, this personal site has been more of a hobby and test site to me, but I do appreciate the help/suggestions.

Last edited by yositimy : 10 Sep 2018 at 03:48 PM.
yositimy is offline   Reply With Quote
Old 10 Sep 2018, 07:36 PM   #14
pjwalsh
Essential Contributor
 
Join Date: Dec 2008
Location: Canada
Posts: 269
Pleased to see HTTPS redirects to external sites do work.
pjwalsh is offline   Reply With Quote
Old 21 Sep 2018, 06:17 PM   #15
edu
Senior Member
 
Join Date: Jun 2016
Posts: 170
I checked my domains and they had the same problem with www (needing to add an exception to the ssl certificate or not working).
I had to create a "new website" adding in the first box www. and in the second box my domain and it works! This should be automatic but it's not, so we need to create 2 websites to every domain: one only with the domain and the second with www.
I hope it helps you too.

Quote:
Originally Posted by yositimy View Post
No I have the right kind of domain. For example, lets say we are talking about the personal domain abcde.com and the "abcde.com" domain registrar is not fastmail. Fastmail is the host for abcde.com and obtained the certificate from lets encrypt, so it passed all those tests. I have fastmail domains also, but the control panel won't let you secure them.

If someone types into the browser "abcde.com" its seamless

If someone types in "www.abcde.com" with a current browser, they get an error until they trust the site and modify their trust settings. With some older browsers, the user won't get an error.

The padlock shows up regardless.


My other certificates for domains hosted elsewhere would have both "abcde.com". and "www.abcde.com" listed in the certificates. So it doesn't seem to matter if they type in www or not or if off site "redirect" pages have www in the link address or not.


I think that may be the issue.
edu is offline   Reply With Quote
Reply


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Forum Jump


All times are GMT +9. The time now is 03:48 AM.

 

Copyright EmailDiscussions.com 1998-2013. All Rights Reserved. Privacy Policy