0

So I've been using Amazon CloudFront as a CDN on my Ruby on Rails app on heroku for sometime. Today I updated my SSL certificate (comodo positivessl wildcard) and from the browser's end it looks like the the certificate is correctly installed.

However, I noticed that the site wasn't loading correctly and then i got a bunch of 502 errors on my developers console. I then went into CloudFront to update the certificate, waited for the updates to deploy, and here we are a few hours later and my site still isn't connecting properly.

I use a custom cname for my site (which worked fine before today).

Can anyone tell me how to go about checking if the certificate is installed correctly on CLoudFront?

Jarrel09
  • 335
  • 2
  • 17
  • Stack Overflow is a site for programming and development questions. This question appears to be off-topic because it is not about programming or development. See [What topics can I ask about here](http://stackoverflow.com/help/on-topic) in the Help Center. Perhaps [Web Applications Stack Exchange](http://webapps.stackexchange.com/), [Webmaster Stack Exchange](http://webmasters.stackexchange.com/) or [Unix & Linux Stack Exchange](http://unix.stackexchange.com/) would be a better place to ask. – jww Mar 15 '18 at 03:22
  • 1
    ***`CN=www.example.com`*** is probably wrong. Hostnames always go in the *SAN*. If its present in the *CN*, then it must be present in the *SAN* too (you have to list it twice in this case). For more rules and reasons, see [How do you sign Certificate Signing Request with your Certification Authority](http://stackoverflow.com/a/21340898/608639) and [How to create a self-signed certificate with openssl?](http://stackoverflow.com/q/10175812/608639) – jww Mar 15 '18 at 03:23
  • Please post the URL you are using to connect to the server, and post the output of `openssl s_client -connect : -tls1 -servername | openssl x509 -text -noout`. Do so by adding it to your question by clicking *Edit* (and don't post it as a comment). Otherwise, we can't reproduce it and there's not enough information to help troubleshoot it. – jww Mar 15 '18 at 03:23

0 Answers0