pioneerx01 Posted December 26, 2014 Share Posted December 26, 2014 (edited) Let's say that I have domain called www.mydomain.com with SSL certificate. Through .htaccess I have set up the domain to force SSL at all times, so users will see https://www.mydomain.com/... I had this site and SSL for while and there are serveral external links linking to my site, but they are all (or most) in "SSL format" https://www.mydomain.com/... If I should cancel my SSL certificate (and remove force SSL in .htaccess) that will happen when those "SSL formatted" links get clicked on? I assume users will get "not trusted connection" message? Any way arround that? As far as I undersestand the "SSL" handshake takes place before .htaccess gets loaded, so I will not be able to force SSL off on the links. Thoughts? Edited December 26, 2014 by pioneerx01 Quote Link to comment https://forums.phpfreaks.com/topic/293364-what-happens-when-i-remove-ssl-certificate-from-my-domain/ Share on other sites More sharing options...
Jacques1 Posted December 26, 2014 Share Posted December 26, 2014 (edited) The first question is why you want to stop supporting HTTPS. It will be a lot of trouble for you, it will be a lot of trouble for your users, and it's less security for everybody. Is money the problem? You can get a free certificate from StartCom. If you need more features (like multiple domains), there are still a lot of CAs with reasonable prices. No, you can't just go back to HTTP once the client makes an HTTPS request. That's the whole point of HTTPS. If there's anything wrong with the connection, your users will get an error. You can only choose between different errors: You may close port 443 entirely, in which case all HTTPS requests will fail. Smart users will try plain HTTP on port 80, inexperienced users will think the entire site is dead. You may keep using the expired certificate, which will lead to big red warnings. Some users will simply ignore the warnings, others will leave the site. You may issue your own certificate and use it instead of your current one. This also leads to warnings, but it's more reasonable than using an invalid certificate. Experienced users will understand the difference. Either way, there will be errors and confusion, and you may lose a lot of users. Edited December 26, 2014 by Jacques1 Quote Link to comment https://forums.phpfreaks.com/topic/293364-what-happens-when-i-remove-ssl-certificate-from-my-domain/#findComment-1500673 Share on other sites More sharing options...
NetKongen Posted January 4, 2015 Share Posted January 4, 2015 You would probably be in trouble if you have built the site with absolute paths... then thay would all not be working as you would not be using http instead of https :-P But keep a SSL certificate i definitly a good idea, as Google will soon incorporate it in their search algoritm and rank sites higher that has full SSL protection Quote Link to comment https://forums.phpfreaks.com/topic/293364-what-happens-when-i-remove-ssl-certificate-from-my-domain/#findComment-1501684 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.