Welcome! Log In Create A New Profile


SSL Name not Matching Certificate

Posted by wdecamp 
SSL Name not Matching Certificate
November 23, 2012 04:34PM

I have multiple IPs set up on a single ec2 server and am using multiple SSL certificates to manage multiple ecommerce sites that are being hosted on this server. One of those ecommerce sites is www.iballast.com I am getting periodic complaints from customers who say they are getting an error that the domain name does not match that in the certificate. When I check the certificate out with SSL Shopper, everything checks out ok. http://www.sslshopper.com/ssl-checker.html#hostname=iballast.com If you check the certificate out in your web browser, you will more than likely see the correct cert. When I check the certificate out with GeoCerts, it grabs an incorrect cert and gives me the same error. http://www.geocerts.com/ssl_checker. This is the same problem I am having with some customers. I believe all of the complaints so far have been from people using Internet Explorer.

Here are the directives in my iballast.com.conf file relating to ssl. ( I have also tried this using a separate server declaration dedicated for 443.)

server {
listen 80;
listen 443;
server_name www.iballast.com iballast.com;
root /var/www/html/sites/ilightdepotv6;

## SSL directives might go here
ssl on;
ssl_certificate /etc/nginx/ssl/iballast.com.crt;
ssl_certificate_key /etc/nginx/ssl/iballast.key;

I am able to make this fail when I add a domain name or ip address in front of the port (ie: www.iballast.com:443). In that case it pick us the default certificate (ilightdepot.com) which is shown in GeoCerts tracker. For some reason some customers are not getting the correct certificate. I would love some suggestions on how to resolve this issue.
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 108
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready