Hi,
I have multiple IPs set up on a single ec2 server and am using multiple SSL certificates to manage multiple ecommerce sites that are being hosted on this server. One of those ecommerce sites is www.iballast.com I am getting periodic complaints from customers who say they are getting an error that the domain name does not match that in the certificate. When I check the certificate out with SSL Shopper, everything checks out ok. http://www.sslshopper.com/ssl-checker.html#hostname=iballast.com If you check the certificate out in your web browser, you will more than likely see the correct cert. When I check the certificate out with GeoCerts, it grabs an incorrect cert and gives me the same error. http://www.geocerts.com/ssl_checker. This is the same problem I am having with some customers. I believe all of the complaints so far have been from people using Internet Explorer.
Here are the directives in my iballast.com.conf file relating to ssl. ( I have also tried this using a separate server declaration dedicated for 443.)
server {
listen 80;
listen 443;
server_name www.iballast.com iballast.com;
root /var/www/html/sites/ilightdepotv6;
## SSL directives might go here
ssl on;
ssl_certificate /etc/nginx/ssl/iballast.com.crt;
ssl_certificate_key /etc/nginx/ssl/iballast.key;
I am able to make this fail when I add a domain name or ip address in front of the port (ie: www.iballast.com:443). In that case it pick us the default certificate (ilightdepot.com) which is shown in GeoCerts tracker. For some reason some customers are not getting the correct certificate. I would love some suggestions on how to resolve this issue.