https://security.googleblog.com/2018/02/a-secure-web-is-here-to-stay.html

From July 2018 Chrome will display "Not Secure" in the browser for sites not on https.

Andy

Please feel free to review / rate our software

Symantec operates a series of Certificate Authorities under various brand names, including Thawte, VeriSign, Equifax, GeoTrust and RapidSSL.

IF you have one of those SSL Certificate brands installed (like me ), browse any SSL secured website page using Google Chrome.
> Right-click, then "Inspect",
> Check for any Warning Message in the "Console" at bottom of screen.

----------------------------------------
You may see this Warning ...

The SSL certificate used to load resources from https:// yourdomain.com will be distrusted in M70. Once distrusted, users will be prevented from loading these resources. See https://g.co/chrome/symantecpkicerts for more information.

Click the link above to read the "Google Security Blog" article titled "Chrome’s Plan to Distrust Symantec Certificates".
----------------------------------------

Symantic have issued numerous certificates that did not comply with the industry-developed CA/Browser Forum Baseline Requirements. This has caused the Google Chrome team to lose confidence in the trustworthiness of Symantec’s infrastructure, and as a result, the certificates that have been or will be issued from it.

Starting with Chrome 66, Chrome will remove trust in Symantec-issued certificates issued prior to June 1, 2016. Chrome 66 is currently scheduled to be released to Chrome Beta users on March 15, 2018 and to Chrome Stable users around April 17, 2018.

From the Symantec Official Blog, here is Information for Replacement of Symantec SSL/TLS Certificates >>

Gary

Not really a big deal though . Symantec sold those brands to Digicert last year and we've been issuing certificates off the Digicert root for several months now. All it really means is you might need to do a free reissue on the certificate, or renew a bit early. We're finding that in practice this really only impacts a subset of certificates that expire in the 4th quarter this year, and in most cases renewing three months early (no loss of time for that) will be sufficient to keep Chrome happy. That will apply to your site too, renew before Sept 13 and you'll be fine

Peter

ServeLink
Professional ecommerce web hosting for ASP & PHP
https://servelink.com

Take a look at our image upload/resize tool for the ASP cart
https://servelink.com/clients/cart?gid=7

Thanks Peter,
I have not received any advice from my Certificate Provider about this issue, which you would reasonably expect by now.
So the post is here for the information of other Webmasters who may be affected and do need to check.

Here you can find out if you need to have your Symantec SSL/TLS certificate reissued >>

If yes, the Certificate reissue process is then explained on subsequent pages.

Gary

Hi Everyone,
I finally switched to a full site ssl. Any suggestions before I get too far down the road that could help prevent duplicate content?

Here' my .htaccess
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /index\.html\ HTTP/
RewriteRule ^index\.html$ https://www.site.com/ [R=301,L]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^/?(.*) https://www.site.com/$1 [R=301,L]

Thanks

Michael

If you have a directive in the .htaccess file, that forces the user to https, then it's impossible to get to a non https page, so I don't think you could get a duplicate content penalty for that.
I would go into GWT and make sure you have setup a property for the https version of your site.

No matter what, I tried these variations and it still redirects to: https://www.site.com/public_html/ with a 404 not found error

RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /index\.html\ HTTP/
RewriteRule ^index\.html$ https://www.site.com/ [R=301,L]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^/?(.*) https://www.site.com/$1 [R=301,L]


<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.domain.com/$1 [R=301,L]
</IfModule>


RewriteEngine On
RewriteCond %{HTTP_HOST} ^yourdomain\.com [NC]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.yourdomain.com/$1 [R,L]


RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Many Thanks
Mike



Michael

I have added the following for the redirect of https

<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="Redirect to https" stopProcessing="true">
<match url=".*" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Permanent" appendQueryString="false" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>


I now want to make my products and categories URL SEO friendly

would i add this a new rule in the config file ? or embed it with above?

<rule name="Categories Match" stopProcessing="true">
<match url="^category/([^/]*)/?$" />
<action type="Rewrite" url="categories.asp?cat={UrlEncode:{R:1}}" />
</rule>
<rule name="Product Match" stopProcessing="true">
<match url="^products/([^/]*)/?$" />
<action type="Rewrite" url="products.asp?cat={UrlEncode:{R:1}}" />
</rule>
<rule name="All Manufacturer Match" stopProcessing="true">
<match url="^manufacturer/?$" />
<action type="Rewrite" url="categories.asp?man=all" />
</rule>
<rule name="Manufacturer Match" stopProcessing="true">
<match url="^manufacturer/(.*)$" />
<conditions>
<add input="{UNENCODED_URL}" pattern="manufacturer/[^/]*" />
</conditions>
<action type="Rewrite" url="products.asp?man={UrlEncode:{R:1}}" />
</rule>
<rule name="Product Detail Page Match" stopProcessing="true">
<match url="^([^/]+)/?$" />
<conditions>
<add input="{URL}" pattern="\.asp" negate="true" />
<add input="{URL}" pattern="\.css" negate="true" />
<add input="{URL}" pattern="\.gif" negate="true" />
<add input="{URL}" pattern="\.jpg" negate="true" />
<add input="{URL}" pattern="\.js" negate="true" />
<add input="{URL}" pattern="\.png" negate="true" />
<add input="{UNENCODED_URL}" pattern="[^/]+" />
</conditions>
<action type="Rewrite" url="proddetail.asp?prod={UrlEncode:{R:1}}" />

Hi, I believe you would add the new rules in with the existing

<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="Redirect to https" stopProcessing="true">
<match url=".*" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Permanent" appendQueryString="false" />
</rule>
ADD NEW (additional) RULES HERE
</rules>
</rewrite>
</system.webServer>
</configuration>

I have decided to switched back to the original config because my site was playing up

The whole site is working and is redirecting after SSL to https://www.snuff.me.uk/


But on the Seo reports its still saying im not redirecting properly and need to decide whether you prefer the <https://www> or the https:// non-www

how and where do i do this ?

The redirects look like this <http://snuff.me.uk/> ---> <https://snuff.me.uk/> <http://www.snuff.me.uk/> ---> <https://www.snuff.me.uk/> <https://snuff.me.uk/> ---> <https://snuff.me.uk/> <https://www.snuff.me.uk/> ---> <https://www.snuff.me.uk/>




My current config is

<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="Redirect to https" stopProcessing="true">
<match url=".*" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Permanent" appendQueryString="false" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>


Cheers
Jamie

i just need help to redirect https://snuff.me.uk to -> https://www.snuff.me.uk