0

I just downloaded a certificate from ZeroSSL and got it working, but when I try to access the site, Google Chrome prevents me from visiting because of an invalid certificate error. I tried running the SSL Labs server test (https://www.ssllabs.com/ssltest/) on my site, and got that I have a mismatched name in my certificate.

I'm confused about what the names should be.

Subject, common names, alternative name, and issuer are all listed as my private IPv4 DNS address, and under the alternative names it says 'MISMATCH'. What are these expected to be? The domain I supplied to ZeroSSL is my correct domain name, so what is causing this mismatch?

John Hanley
  • 74,467
  • 6
  • 95
  • 159
Basketbla
  • 31
  • 5
  • Are they completely identical or do you have a wildcard? Without wildcard, example.com cert isn't valid for www.example.com – Martheen Mar 23 '21 at 05:11
  • The SAN in the certificate should match the name in the URL. It is unclear what you've actually used to access the site and what is in the certificate, so it is impossible to say what you did exactly wrong here. But either you used the wrong name in the URL, used the wrong name in the certificate or did not configure the server properly so that the right certificate actually gets used. – Steffen Ullrich Mar 23 '21 at 05:40

1 Answers1

1

I found the issue. I'm running an Apache server on an AWS EC2 instance, and the path to the certificate that I specified inside of in my httpd.conf wasn't the path being used -- instead, the path specified as SSLCertificateFile inside of /etc/httpd/conf.d/ssl.conf was being used, which was set to be the certificate of the EC2 instance, not my certificate for my server. Everything is working now.

Basketbla
  • 31
  • 5