Hello, there is a https:// setting that is destroying my charity project and (since my project is about creating funds for many charities), it's affection many other char… (read more)
Hello, there is a https:// setting that is destroying my charity project and (since my project is about creating funds for many charities), it's affection many other charities as well.
I’ve got a website called Doelshop.nl which raises free donations for charities. This is done through affiliate marketing, someone buys something through my website (I’m just linking through) and 75% of the commission goes to the charity that the buyer chooses. The buyer doesn’t pay anything extra.
PROBLEM with Firefox/Google Chrome
Many charities have applied (because they can get free donations through their users who are already shopping online), recently we have implemented in our system a function where each project can make their own subdomain.
This means, if you have a charity called ABC, you can create ABC.doelshop.nl and automatically you have selected the ABC charity. Very handy for charities, because it’s easy promotion.
Now here’s the problem, we have bought a SSL wildcard certificate to establish https:// connection for all these subdomains.
BUT, some are typing into their URL boxes: www.abc.doelshop.nl and this CANNOT be certified. Technically it can if we manually insert every subdomain into multiple certificates, which would cost us thousands of dollars. Also our subdomains are not set, new ones are being created all the time.
Both Firefox and Google Chrome now always give an error message when people type in their URL address with ‘www.’. People cannot even reach the website, it gives un unsafe warning and shoppers won’t donate for free to their charity.
We have redirected the ‘www.’ to ‘without www.’ but this doesn’t help.
Is there any way where you could help, for example by listing these sub-subdomains as safe? I can give you any kind of openness to prove there is nothing scammy going on.
I’m willing to change these domain setups towards Doelshop.nl/abc instead of abc.doelshop.nl but it takes a while. If you could list it as a safe connection in the meantime that would also mean a lot!
Instead of using abc.doelshop.nl for testing, you can use https://make-a-wish.doelshop.nl (working) and https://www.make-a-wish.doelshop.nl (unsafe in your browser)