I run a website affectionaries.com that has a valid SSL certificate hosted by Hostgator.
It has come to my attention that when searching in Google for terms such as "Affectionaries" or "Cupcakes Runcorn" an other domain appears higher up the SERP's using my meta data an is unrelated to my business. If you click the link for (https://www.miamiboxpanama.com/) then it takes you to an insecure warning page! Under advanced it tells you:
www.miamiboxpanama.com uses an invalid security certificate. The certificate is only valid for the following names: affectionaries.com, www.affectionaries.com Error code: SSL_ERROR_BAD_CERT_DOMAIN
I can not figure out what is going on here...
So far I can see that this domain is on the same nameservers and IP address as my site.
Has anyone have experience with this and know a solution to resolve this matter?
www.miamiboxpanama.com resolves to the same IP address as affectionaries.com (192.254.231.2). So both names lead to the exact same web server, and therefore also the exact same SSL certificate. Since that certificate is only for the name affectionaries.com, the browser correctly issues a warning when the name it used was www.miamiboxpanama.com.
This looks like a configuration error at Hostgator. You may want to contact them and ask what's going on.
Related
I've got a couple of Services running internally with Certs issued by a Windows Server.
They all work with Chrome + Edge, just not with Firefox.
as an example, there's a db on the network accessed by going to https://db
It's CommonName is {FQDN}
It's SANs are db, database, {IP}, {FQDN},
as I said, works fine with Chrome+Edge, but when I use Firefox I get this error:
https://db/
Unable to communicate securely with peer: requested domain name does not match the server’s certificate.
I assume it's because of the https? ..I've seen issues fixing www with *db, but nothing about https ..or maybe this is completely the wrong route, not sure.. has anyone else come across this?
any direction or advice would be appreciated!
Note: I can provide how I generated the certs if it's a possible settings thing, I wrote a step-by-step guide :D
As Per: https://support.mozilla.org/en-US/questions/1323556
Firefox does not like IPs in AltSubjectNames. Removing them makes the setup work
I got problems with my custom domain setup on readthedocs.
Suddenly custom domain (https://docs.joinrpg.ru) stops working with SSL_ERROR_NO_CYPHER_OVERLAP.
Variois SSL checkers report that they "Failed to communicate with the secure server".
Readthedocs panel say that SSL certificate status: restricted_name_failure: Use of one or more domains on the certificate is restricted.
There was partial block by local authorities of readthedocs in Russia, but it (a) was on DNS-level (b)seems to be solved now, and (c) problem seems to reproduce outside russia.
What can I do to diagnose issue?
It was a bug with Cloudflare doesn't allow to issue certificates for "ru" domain zone.
It have been switched to Let's encrypt thanks to readthedocs team.
https://github.com/readthedocs/readthedocs.org/issues/9149
I've set up my app running on Cloud Run with a Let's Encrypt wildcard certificate to cover subdomains. It works fine, but everytime I run testssl.sh or other similar tools they notice 2 certificates: mine and Google's. The second certificate throws errors regarding name mismatch and from time to time (couldn't reproduce it, it may not be a problem) even browser notice this and say the cert is not valid, but a refresh will fix it.
Is this something common and should I ignore it? Google's DIG shows that the domain has the correct IP as A record and everything else works fine.
Use only one certificate.
A wildcard certificate with Cloud Run provides few benefits. Only domain names that are mapped will be supported so the wildcard does not help. The negative is that you must manually renew the certificate every 90 days.
Use the Google Managed certificates.
As a complete newbie, I've been skulking through this site for about the past twelve months to find solutions to errors. The following issue has driven me to distraction to such a degree that I decided to join the fun and see if anyone can help.
I have a main site which has an essential SSL certificate. I recently created another site as an add-on domain to the main hosting. However, this means the add-on tries to run as https, causing a security error and blocking most of the html and css document. I'd be very grateful if anyone could offer advice on how to work around this.
The certificates are valid only for the domain specificed in the CN.
However you are not only one with this requirement, so what you can do:
use a wildcard certificate - the wildcard certificates are usually more expensive, but they cover all subdomain on that level (*.domain.com covers www.domain.com, mail.domain.com, ... but not domain.com itself)
use Subject Alternative Name - it is an explicit list of domiains covered by the certificate
I have two "Web Sites" running under IIS6 (Windows Server 2003R2 Standard), each bound to a separate IP address (one is the base address of the server).
I used SelfSSL to generate and install an SSL certificate for development purposes on one of these sites and it works great. I then run SelfSSL to generate a certificate for the second site and the second site works, but now the first site is broken over SSL.
I run SSL Diagnostics and it tells me:
WARNING: You have a private key that corresponds to this certificate but CryptAcquireCertificatePrivateKey failed
If I re-run SelfSSL on the first site (to fix it), the first site works but then the second site is broken.
It seems like SelfSSL is doing something in a way that is designed to work with only one Website, but I can't seem to put my finger on exactly what it's doing and figure out how to suppress it. I would manually configure SSL but I don't have a certificate server handy, but maybe there is a way to get SelfSSL to just gen the cert and let me install it?
FWIW I have also followed the guidance of several posts that indicate changes to the permissions of the RSA directory are in order, etc. but to no avail. I don't work with SSL everyday so I may be overlooking something that someone with more experience might notice, or perhaps there is a diagnostic process that I could follow to get to the bottom of the issue?
We had a similar problem today. Our IT guy said he solved it by basically using ssldiag instead of selfssl to generate the certs.
See the reply from jayb123 at this URL: http://social.msdn.microsoft.com/forums/en-US/netfxnetcom/thread/15d22105-f432-4d8f-a57a-40941e0879e7
I have to admit I don't fully understand what happened, but I'm on the programming side rather than the network admin side.