-1

My Client's website is hosted by go-daddy. They created a sub domain hrm.clientname.com and hosted HRM system from their own servers using IIS. The problem is the ISP in the host country does not support static IP so naturally we went for Dynamic IP by Dyndns.org. http site routing from hrm.clientname.com to example.dyndns.org and then you our IP was working fine until we implemented SSL certificate.

The nameservers -hostmonster in our case gives me 404 page when i try to access hrm.clientname.com and when i access my hrm system from example.dyndns.org it goes through but gives me not secure because certificate was issued against hrm.clientname.com.

Any advice on how to route traffic from hrm.clientname.com to my servers placed at our location and the tab saying secure.

Thanks

Omer Qayyum
  • 13
  • 2

2 Answers2

1

http site routing from hrm.clientname.com to example.dyndns.org and then you our IP was working fine until we implemented SSL certificate.

This is not the right way to redirect users, you should CNAME to the dynamic record.

remove the Web redirect with a proper dns record.

hrm.clientname.com in cname example.dyndns.org
Jacob Evans
  • 7,636
  • 3
  • 25
  • 55
1

I don't use DynDNS, but I know how to do what you want to do with free DDNS provider https://freemyip.com (you don't need to create any accounts there - it takes literally 10 seconds to create your domain in there)

Once you create your domain there (say, example.freemyip.com), you need to set a CNAME record in your clientname.com domain, pointing to your dynamic DNS domain at example.freemyip.com

So inside your zone file for clientname.com, you would need a line like this:

hrm.clientname.com.        CNAME  example.freemyip.com.

Pay attention to those dots at the end of each domain - they are important!

Make sure your dynamic domain IP address is being updated correctly, as per instructions at https://freemyip.com/help (find section that's applicable to your environment). At this point, if you go in your browser to hrm.clientname.com you should be seeing whatever is serving on your machine at IP address associated with example.freemyip.com.

Next, SSL certificate. I recommend using free service letsencrypt.org On most Linux distributions you can install it by issuing this command:

sudo apt-get install letsencrypt

Next, assuming you have Ubuntu server with nginix at hrm.clientname.com, you would need to stop your nginx server first:

service nginx stop

Next, as root, start this command:

letsencrypt certonly --manual --email contact@hrm.clientname.com -d hrm.clientname.com

You need to acknowledge some questions, and then you will see something like this:

Make sure your web server displays the following content at
If you don't have HTTP server configured, you can run the following
command on the target server (as root):

Now, copy everything that you see there into your clipboard. There will be few lines of commands in there. Open another session to your ubuntu server, and paste all those commands. This will start a standalone web browser that will serve the authentication page. Back to the first ubuntu session, and press Enter. It will take a few seconds, and if everything went ok, you will have your certificate. If there is an error, it will explain what's the problem. If that happens and you cannot resolve it, then come back here and copy and paste your error.

Cadence
  • 11
  • 2