0

I have a domain (let's say toing.com), which has an SSL certificate bound to it only if I use the hosting provided by the same company (let's say Xhost). HOwever, recently I have a backend server at let's say, back.toing.com which needs to connect with the frontend hosted at toing.com, which is hosted with Xhost and thus uses SSL.

The backend, on the other hand is hosted on another server maintained by us with apache running.

The problem is that we unless we give SSL to back.toing.com, the browser would reject requests made from the frontend.

At this point we cannot use another, downloadable SSL certificate.

So I followed this tutorial to add a self-signed certificate to the apache server, but this configuration still blocks requests. I believe this is because the certificates don't match. However, since back.toing.com is SSL enabled, is there anyway I can configure the backend to be able to get requests from the front, except by disabling SSL for both front and back? Thank you in advance for the advice!

Improve this question

1 Answer 1

Reset to default
1

You need to get a wildcard cert so that way it uses the same one but for both front and back end.

Where are you getting your SSL cert from? You could also purchase another cert for the secondary server. A self signed cert will not work in this situation. For security reasons, I would set it up like this and not try to jerry rig something together.

Improve this answer
1
  • yes, I agree with you, we've decided to buy a wildcard in the end for the prod environment :) Commented Dec 11, 2019 at 12:05

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.