I have a website running on AWS that needs SSL. The website has the functionality that it must be white-labelable according to the subdomain accessed. For example, when accessing www.a.the-site.com the website will look different from when it is accessed from www.b.the-site.com, but it is the same virtual host handling both URLs. I use an ELB which directs to the EC2 instance (only one instance at this stage). This worked fine when running over normal HTTP.
I followed the step by step tutorial on AWS (http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/ssl-server-cert.html and http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/elb-create-https-ssl-load-balancer.html#configure-https-listener) to generate the keys (steps laid out below for ease of reference) and got the certificate from GoDaddy. (Upon pasting the CSR on the GoDaddy website's certificate request process, the correct CN was displayed). The certificate bought was a wildcard certificate, to support different subdomains. I applied the Certificate on the ELB using the AWS website interface, which did not prompt any errors, but now when I access the site over https, I get the SSL error in the browser:
"The security certificate presented by this website was issued for a different website's address."
Investigating the Certificate on https://www.sslshopper.com shows the following:
It states that none of the common names match, yet the common name in the chain is correct (*.the-site.com).
I can also post the steps followed to create the private key and CSR, but I have not received any indication that these are incorrect. It seems like the CN *.the-site.com is not resolving www.a.the-site.com. Can anyone shed some light on this?
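
The following is an added example, not part of the original post: a simplified sketch of the wildcard matching rule from RFC 6125 (a `*` stands for exactly one left-most DNS label), run against the hostnames from the question. The function names are hypothetical and the certificate name list is constructed from the CN quoted above.

```python
"""Wildcard certificate name matching, simplified from RFC 6125 section 6.4.3.

Added example; function names are hypothetical and only whole-label
wildcards ("*.example.com") are handled.
"""


def name_matches(pattern: str, hostname: str) -> bool:
    """Return True if a certificate DNS name pattern covers hostname."""
    p_labels = pattern.lower().rstrip(".").split(".")
    h_labels = hostname.lower().rstrip(".").split(".")

    # A wildcard stands for exactly one label, so label counts must agree.
    if len(p_labels) != len(h_labels):
        return False

    first, rest = p_labels[0], p_labels[1:]
    # Wildcards are only honoured in the left-most label.
    if any("*" in label for label in rest):
        return False
    if rest != h_labels[1:]:
        return False
    if first == "*":
        return h_labels[0] != ""
    return first == h_labels[0]


def covering_names(cert_names, hostname):
    """Names from the certificate (CN/SAN list) that cover hostname."""
    return [n for n in cert_names if name_matches(n, hostname)]


def wildcard_needed(hostname: str) -> str:
    """Wildcard pattern that would cover hostname (left-most label replaced)."""
    labels = hostname.rstrip(".").split(".")
    return ".".join(["*"] + labels[1:])


if __name__ == "__main__":
    cert_names = ["*.the-site.com"]  # constructed from the CN in the question
    for host in ["www.the-site.com", "a.the-site.com",
                 "www.a.the-site.com", "www.b.the-site.com"]:
        hits = covering_names(cert_names, host)
        print(f"{host:20} covered by {hits or 'nothing'}; "
              f"a wildcard covering it: {wildcard_needed(host)}")
```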